IEEE Transactions on Dependable and Secure Computing最新文献

筛选
英文 中文
Efficient Identity-Based Data Integrity Auditing with Key-Exposure Resistance for Cloud Storage 基于身份的高效数据完整性审计与抗密钥暴露云存储
IF 7.3 2区 计算机科学
IEEE Transactions on Dependable and Secure Computing Pub Date : 2023-11-01 DOI: 10.1109/tdsc.2022.3228699
Wenting Shen, Jia Yu, Ming Yang, Jiankun Hu
{"title":"Efficient Identity-Based Data Integrity Auditing with Key-Exposure Resistance for Cloud Storage","authors":"Wenting Shen, Jia Yu, Ming Yang, Jiankun Hu","doi":"10.1109/tdsc.2022.3228699","DOIUrl":"https://doi.org/10.1109/tdsc.2022.3228699","url":null,"abstract":"The key exposure is a serious threat for the security of data integrity auditing. Once the user's private key for auditing is exposed, most of the existing data integrity auditing schemes would inevitably become unable to work. To deal with this problem, we construct a novel and efficient identity-based data integrity auditing scheme with key-exposure resilience for cloud storage. This is achieved by designing a novel key update technique, which is fully compatible with BLS signature used in identity-based data integrity auditing. In our design, the Third Party Auditor (TPA) is responsible for generating update information. The user can update his private key based on the private key in one previous time period and the update information from the TPA. Furthermore, the proposed scheme supports real lazy update, which greatly improves the efficiency and the feasibility of key update. Meanwhile, the proposed scheme relies on identity-based cryptography, which makes certificate management easy. The security proof and the performance analysis demonstrate that the proposed scheme achieves desirable security and efficiency.","PeriodicalId":13047,"journal":{"name":"IEEE Transactions on Dependable and Secure Computing","volume":"1 1","pages":"4593-4606"},"PeriodicalIF":7.3,"publicationDate":"2023-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"62407031","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
Improving Cryptocurrency Crime Detection: CoinJoin Community Detection Approach 改进加密货币犯罪检测:CoinJoin社区检测方法
IF 7.3 2区 计算机科学
IEEE Transactions on Dependable and Secure Computing Pub Date : 2023-11-01 DOI: 10.1109/tdsc.2023.3238412
Anton Wahrstatter, Jorão Gomes, Sajjad Khan, D. Svetinovic
{"title":"Improving Cryptocurrency Crime Detection: CoinJoin Community Detection Approach","authors":"Anton Wahrstatter, Jorão Gomes, Sajjad Khan, D. Svetinovic","doi":"10.1109/tdsc.2023.3238412","DOIUrl":"https://doi.org/10.1109/tdsc.2023.3238412","url":null,"abstract":"The potential of Bitcoin for money laundering and terrorist financing represents a significant challenge in law enforcement. In recent years, the use of privacy-improving CoinJoin transactions has grown significantly and helped criminal actors obfuscate Bitcoin money flows. In this study, we use unsupervised machine learning to analyze the complete Bitcoin user graph in order to identify suspicious actors potentially involved in illegal activities. In contrast to the existing studies, we introduce a novel set of features that we use to identify potential criminal activity more accurately. Furthermore, we apply our clustering algorithm to a CoinJoin-adjusted variant of the Bitcoin user graph, which enables us to analyze the network at a more detailed, user-centric level while still offering opportunities to address advanced privacy-enhancing techniques at a later stage. By comparing the results with our ground truth data set, we find that our improved clustering method is able to capture significantly more illicit activity within the most suspicious clusters. Finally, we find that users associated with illegal activities commonly have significant short paths to CoinJoin wallets and show tendencies toward outlier behavior. Our results have potential contributions to anti-money laundering efforts and combating the financing of terrorism and other illegal activities.","PeriodicalId":13047,"journal":{"name":"IEEE Transactions on Dependable and Secure Computing","volume":"1 1","pages":"4946-4956"},"PeriodicalIF":7.3,"publicationDate":"2023-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"62410289","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 8
Circom: A Circuit Description Language for Building Zero-knowledge Applications 一种用于构建零知识应用的电路描述语言
IF 7.3 2区 计算机科学
IEEE Transactions on Dependable and Secure Computing Pub Date : 2023-11-01 DOI: 10.1109/tdsc.2022.3232813
Marta Bellés-Muñoz, Miguel Isabel, J. L. Muñoz-Tapia, A. Rubio, Jordi Baylina
{"title":"Circom: A Circuit Description Language for Building Zero-knowledge Applications","authors":"Marta Bellés-Muñoz, Miguel Isabel, J. L. Muñoz-Tapia, A. Rubio, Jordi Baylina","doi":"10.1109/tdsc.2022.3232813","DOIUrl":"https://doi.org/10.1109/tdsc.2022.3232813","url":null,"abstract":"A zero-knowledge (ZK) proof guarantees that the result of a computation is correct while keeping part of the computation details private. Some ZK proofs are tiny and can be verified in short time, which makes them one of the most promising technologies for solving two key aspects: the challenge of enabling privacy to public and transparent distributed ledgers and enhancing their scalability limitations. Most practical ZK systems require the computation to be expressed as an arithmetic circuit that is encoded as a set of equations called rank-1 constraint system (R1CS). In this paper, we present Circom, a programming language and a compiler for designing arithmetic circuits that are compiled to R1CS. More precisely, with Circom, programmers can design arithmetic circuits at a constraint level, and the compiler outputs a file with the R1CS description, and WebAssembly and C++ programs to efficiently compute all values of the circuit. We also provide an open-source library called circomlib with multiple circuit templates. Circom can be complemented with snarkjs, a library for generating and validating ZK proofs from R1CS. Altogether, our software tools abstract the complexity of ZK proving mechanisms and provide a unique and friendly interface to model low-level descriptions of arithmetic circuits.","PeriodicalId":13047,"journal":{"name":"IEEE Transactions on Dependable and Secure Computing","volume":"1 1","pages":"4733-4751"},"PeriodicalIF":7.3,"publicationDate":"2023-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"62409334","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 7
Spenny: Extensive ICS Protocol Reverse Analysis via Field Guided Symbolic Execution 通过现场引导符号执行进行广泛的ICS协议反向分析
IF 7.3 2区 计算机科学
IEEE Transactions on Dependable and Secure Computing Pub Date : 2023-11-01 DOI: 10.1109/tdsc.2022.3228076
Yue Sun, Zhi Li, Shichao Lv, Limin Sun
{"title":"Spenny: Extensive ICS Protocol Reverse Analysis via Field Guided Symbolic Execution","authors":"Yue Sun, Zhi Li, Shichao Lv, Limin Sun","doi":"10.1109/tdsc.2022.3228076","DOIUrl":"https://doi.org/10.1109/tdsc.2022.3228076","url":null,"abstract":"Industrial Control System (ICS) protocols have built a tight coupling between ICS components, including industrial software and field controllers such as Programmable Logic Controllers (PLCs). With more ICS components are exposed on the Internet, huge threats are emerging through the exploitation on the inherent defects of ICS protocols. However, the proprietary of ICS protocols makes it extremely hard to build intrusion detection system or perform penetration tests for ICS security reinforcement. In this work, we introduce a symbolic-execution based protocol reverse analysis framework to extract the message format and field type of ICS protocols from real-world PLC firmware. We design new coverage metric and path prioritization strategy to enhance symbolic execution for extensive protocol reverse analysis. Moreover, we propose a field-expression based method on protocol message format inference, along with the analysis on the value ranges of fields which are ignored by previous work. Our evaluation shows that our methods can extract more protocol information during symbolic execution, and achieve high accuracy on protocol reverse analysis compared to Wireshark. Furthermore, we equip the results on private ICS protocols with a black-box fuzzer to test two real-world PLCs. In total, we have found 10 vulnerabilities, including 4 new vulnerabilities.","PeriodicalId":13047,"journal":{"name":"IEEE Transactions on Dependable and Secure Computing","volume":"1 1","pages":"4502-4518"},"PeriodicalIF":7.3,"publicationDate":"2023-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"62406558","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Towards Attack-Resistant Service Function Chain Migration: A Model-based Adaptive Proximal Policy Optimization Approach 抗攻击业务功能链迁移:一种基于模型的自适应近端策略优化方法
IF 7.3 2区 计算机科学
IEEE Transactions on Dependable and Secure Computing Pub Date : 2023-11-01 DOI: 10.1109/tdsc.2023.3237604
Tao Zhang, Changqiao Xu, Bingchi Zhang, XinRan Li, Xiaohui Kuang, L. Grieco
{"title":"Towards Attack-Resistant Service Function Chain Migration: A Model-based Adaptive Proximal Policy Optimization Approach","authors":"Tao Zhang, Changqiao Xu, Bingchi Zhang, XinRan Li, Xiaohui Kuang, L. Grieco","doi":"10.1109/tdsc.2023.3237604","DOIUrl":"https://doi.org/10.1109/tdsc.2023.3237604","url":null,"abstract":"Network function virtualization (NFV) supports the rapid development of service function chain (SFC), which efficiently connects a sequence of network virtual function instances (VNFIs) placed into physical infrastructures. Current SFC migration mechanisms usually keep static SFC deployment after finishing certain objectives, and deployment methods mostly provide static resource allocation for VNFIs. Therefore, the adversary has enough time to plan for devastating attacks for in-service SFCs. Fortunately, moving target defense (MTD) was proposed as a game-changing solution to dynamically adjust network configurations. However, existing MTD methods mostly depend on attack-defense models, and lack adaptive mutation period. In this article, we propose an Intelligence-Driven Service Function Chain Migration (ID-SFCM) scheme. First, we model a Markov decision process (MDP) to formulate the dynamic arrival or departure of SFCs. To remove infeasible actions from the action space of MDP, we formalize the SFC deployment as a constrained satisfaction problem. Then, we design a deep reinforcement learning (DRL) algorithm named model-based adaptive proximal policy optimization (MA-PPO) to enable attack-resistant migration decisions and adaptive migration period. Finally, we evaluate the defense performance by multiple attack strategies and two realistic datasets called CICIDS-2017 and LYCOS-IDS2017 respectively. Simulation results highlight the effectiveness of ID-SFCM compared with representative solutions.","PeriodicalId":13047,"journal":{"name":"IEEE Transactions on Dependable and Secure Computing","volume":"1 1","pages":"4913-4927"},"PeriodicalIF":7.3,"publicationDate":"2023-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"62409614","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
Privacy-Preserving Biometric Authentication: Cryptanalysis and Countermeasures 保护隐私的生物特征认证:密码分析与对策
IF 7.3 2区 计算机科学
IEEE Transactions on Dependable and Secure Computing Pub Date : 2023-11-01 DOI: 10.1109/tdsc.2023.3239611
Hui Zhang, Xuejun Li, Syh-Yuan Tan, M. Lee, Zhe Jin
{"title":"Privacy-Preserving Biometric Authentication: Cryptanalysis and Countermeasures","authors":"Hui Zhang, Xuejun Li, Syh-Yuan Tan, M. Lee, Zhe Jin","doi":"10.1109/tdsc.2023.3239611","DOIUrl":"https://doi.org/10.1109/tdsc.2023.3239611","url":null,"abstract":"In this article, we cryptanalyzed a Verifiable Threshold Predicate Encryption (VTPE) enabled Privacy-Preserving Biometric Authentication (PPBA) protocol reported in IEEE-TDSC and revealed discrepancies between its security claims and our security analysis. To be precise, the underlying authentication and key agreement scheme which is based on a challenge-response mechanism and watermark signal unsatisfactorily meets the following security scenario: (a) resistance to man-in-the-middle attacks, (b) biometric template protection, and (c) user anonymity and untraceability. To address these issues, we utilize Physical Unclonable Functions (PUF) to design a PUF driven Verifiable Threshold Predicate Encryption (PUF-VTPE) scheme and a secure PPBA protocol. The PUF-VTPE-based PPBA protocol equips with dual authentication using biometric and mobile device, which offers strong authenticity before establishing the session key. Simultaneously, the non-invertible property of PUF protects the biometric templates in the physical layer. The proposed storage-free mechanism that hides the challenge of device PUF in biometric template alleviates data leakage caused by storage challenges in PUF-based authentication protocols. Moreover, the experimental analysis suggests that the proposed PPBA protocol possesses ISO/IEC 24745 criteria of non-invertibility, unlinkability, and revocability. Additionally, the proposed PPBA protocol reduces the computational cost by about 50% compared to that of the cryptanalyzed scheme.","PeriodicalId":13047,"journal":{"name":"IEEE Transactions on Dependable and Secure Computing","volume":"1 1","pages":"5056-5069"},"PeriodicalIF":7.3,"publicationDate":"2023-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"62410423","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Shielding Graph for eXact Analytics with SGX 屏蔽图精确分析与SGX
IF 7.3 2区 计算机科学
IEEE Transactions on Dependable and Secure Computing Pub Date : 2023-11-01 DOI: 10.1109/tdsc.2023.3241164
Minxin Du, Peipei Jiang, Qian Wang, Sherman S. M. Chow, Lingchen Zhao
{"title":"Shielding Graph for eXact Analytics with SGX","authors":"Minxin Du, Peipei Jiang, Qian Wang, Sherman S. M. Chow, Lingchen Zhao","doi":"10.1109/tdsc.2023.3241164","DOIUrl":"https://doi.org/10.1109/tdsc.2023.3241164","url":null,"abstract":"Graphs nicely capture data from various domains, allowing the computations of many analytic tasks via graph queries. Graphs of real-world data are often large, albeit useful, and the involved computation can be too heavyweight for commodity computers. For secure outsourcing, we propose (SGX)<inline-formula><tex-math notation=\"LaTeX\">$^{2}$</tex-math><alternatives><mml:math><mml:msup><mml:mrow/><mml:mn>2</mml:mn></mml:msup></mml:math><inline-graphic xlink:href=\"wang-ieq1-3241164.gif\"/></alternatives></inline-formula>, a forward-secure structured encryption scheme for graph data, which uses lightweight cryptographic techniques with a trusted execution environment such as SGX. To process million-scale graphs by the limited memory of SGX, we load data on-demand using Dijkstra's algorithm and Fibonacci heap. Compared with most prior graph encryption schemes, (SGX)<inline-formula><tex-math notation=\"LaTeX\">$^{2}$</tex-math><alternatives><mml:math><mml:msup><mml:mrow/><mml:mn>2</mml:mn></mml:msup></mml:math><inline-graphic xlink:href=\"wang-ieq2-3241164.gif\"/></alternatives></inline-formula> supports exact shortest-distance queries instead of approximation and can be easily extended to other graph-based analytics.","PeriodicalId":13047,"journal":{"name":"IEEE Transactions on Dependable and Secure Computing","volume":"1 1","pages":"5102-5112"},"PeriodicalIF":7.3,"publicationDate":"2023-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"62410000","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Weaknesses of popular and recent covert channel detection methods and a remedy 流行的和最近的隐蔽信道检测方法的弱点和补救措施
IF 7.3 2区 计算机科学
IEEE Transactions on Dependable and Secure Computing Pub Date : 2023-11-01 DOI: 10.1109/tdsc.2023.3241451
S. Zillien, S. Wendzel
{"title":"Weaknesses of popular and recent covert channel detection methods and a remedy","authors":"S. Zillien, S. Wendzel","doi":"10.1109/tdsc.2023.3241451","DOIUrl":"https://doi.org/10.1109/tdsc.2023.3241451","url":null,"abstract":"Network covert channels are applied for the secret exfiltration of confidential data, the stealthy operation of malware, and legitimate purposes, such as censorship circumvention. In recent decades, some major detection methods for network covert channels have been developed. In this article, we investigate two highly cited detection methods for covert timing channels, namely <inline-formula><tex-math notation=\"LaTeX\">$epsilon$</tex-math><alternatives><mml:math><mml:mi>ε</mml:mi></mml:math><inline-graphic xlink:href=\"zillien-ieq1-3241451.gif\"/></alternatives></inline-formula>-similarity and compressibility score from Cabuk et al. (jointly cited by 949 articles and applied by several researchers). We additionally analyze two recent ML-based detection methods: <italic>GAS</italic> (2022) and <italic>SnapCatch</italic> (2021). While all these detection methods must be considered valuable for the analysis of typical covert timing channels, we show that these methods are not reliable when a covert channel's behavior is slightly modified. In particular, we demonstrate that when confronted with a simple covert channel that we call <inline-formula><tex-math notation=\"LaTeX\">$epsilon$</tex-math><alternatives><mml:math><mml:mi>ε</mml:mi></mml:math><inline-graphic xlink:href=\"zillien-ieq2-3241451.gif\"/></alternatives></inline-formula>-<inline-formula><tex-math notation=\"LaTeX\">$kappa$</tex-math><alternatives><mml:math><mml:mi>κ</mml:mi></mml:math><inline-graphic xlink:href=\"zillien-ieq3-3241451.gif\"/></alternatives></inline-formula>libur, all detection methods can be circumvented or their performance can be significantly reduced although the covert channel still provides a high bitrate. In comparison to existing timing channels that circumvent these methods, <inline-formula><tex-math notation=\"LaTeX\">$epsilon$</tex-math><alternatives><mml:math><mml:mi>ε</mml:mi></mml:math><inline-graphic xlink:href=\"zillien-ieq4-3241451.gif\"/></alternatives></inline-formula>-<inline-formula><tex-math notation=\"LaTeX\">$kappa$</tex-math><alternatives><mml:math><mml:mi>κ</mml:mi></mml:math><inline-graphic xlink:href=\"zillien-ieq5-3241451.gif\"/></alternatives></inline-formula>libur is much simpler and eliminates the need of altering previously recorded traffic. Moreover, we propose an enhanced <inline-formula><tex-math notation=\"LaTeX\">$epsilon$</tex-math><alternatives><mml:math><mml:mi>ε</mml:mi></mml:math><inline-graphic xlink:href=\"zillien-ieq6-3241451.gif\"/></alternatives></inline-formula>-similarity that can detect the classical covert timing channel as well as <inline-formula><tex-math notation=\"LaTeX\">$epsilon$</tex-math><alternatives><mml:math><mml:mi>ε</mml:mi></mml:math><inline-graphic xlink:href=\"zillien-ieq7-3241451.gif\"/></alternatives></inline-formula>-<inline-formula><tex-math notation=\"LaTeX\">$kappa$</tex-math><alternatives><mml:math><mml:mi>κ</mml:mi></mml:math><inline-graphic xlink:href=\"zillien-ieq8-3241451.gif\"/></alternatives></inline-formula>libur.","PeriodicalId":13047,"journal":{"name":"IEEE Transactions on Dependable and Secure Computing","volume":"1 1","pages":"5156-5167"},"PeriodicalIF":7.3,"publicationDate":"2023-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"62410550","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Machine Learning Based Resilience Testing of an Address Randomization Cyber Defense 基于机器学习的地址随机化网络防御弹性测试
IF 7.3 2区 计算机科学
IEEE Transactions on Dependable and Secure Computing Pub Date : 2023-11-01 DOI: 10.1109/tdsc.2023.3234561
G. Mani, Marina Haliem, Bharat K. Bhargava, Indu Manickam, Kevin Kochpatcharin, Myeongsu Kim, E. Vugrin, Weichao Wang, Chris Jenkins, Pelin Angin, Meng Yu
{"title":"Machine Learning Based Resilience Testing of an Address Randomization Cyber Defense","authors":"G. Mani, Marina Haliem, Bharat K. Bhargava, Indu Manickam, Kevin Kochpatcharin, Myeongsu Kim, E. Vugrin, Weichao Wang, Chris Jenkins, Pelin Angin, Meng Yu","doi":"10.1109/tdsc.2023.3234561","DOIUrl":"https://doi.org/10.1109/tdsc.2023.3234561","url":null,"abstract":"Moving target defenses (MTDs) are widely used as an active defense strategy for thwarting cyberattacks on cyber-physical systems by increasing diversity of software and network paths. Recently, machine Learning (ML) and deep Learning (DL) models have been demonstrated to defeat some of the cyber defenses by learning attack detection patterns and defense strategies. It raises concerns about the susceptibility of MTD to ML and DL methods. In this article, we analyze the effectiveness of ML and DL models when it comes to deciphering MTD methods and ultimately evade MTD-based protections in real-time systems. Specifically, we consider a MTD algorithm that periodically randomizes address assignments within the MIL-STD-1553 protocol—a military standard serial data bus. Two ML and DL-based tasks are performed on MIL-STD-1553 protocol to measure the effectiveness of the learning models in deciphering the MTD algorithm: 1) determining whether there is an address assignments change i.e., whether the given system employs a MTD protocol and if it does 2) predicting the future address assignments. The supervised learning models (random forest and k-nearest neighbors) effectively detected the address assignment changes and classified whether the given system is equipped with a specified MTD protocol. On the other hand, the unsupervised learning model (K-means) was significantly less effective. The DL model (long short-term memory) was able to predict the future addresses with varied effectiveness based on MTD algorithm's settings.","PeriodicalId":13047,"journal":{"name":"IEEE Transactions on Dependable and Secure Computing","volume":"34 1","pages":"4853-4867"},"PeriodicalIF":7.3,"publicationDate":"2023-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"62409105","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Tianji: Securing A Practical Asynchronous Multi-User ORAM Tianji:保护一个实用的异步多用户ORAM
IF 7.3 2区 计算机科学
IEEE Transactions on Dependable and Secure Computing Pub Date : 2023-11-01 DOI: 10.1109/tdsc.2023.3241184
Wen Cheng, Dazou Sang, Lingfang Zeng, Yang Wang, A. Brinkmann
{"title":"Tianji: Securing A Practical Asynchronous Multi-User ORAM","authors":"Wen Cheng, Dazou Sang, Lingfang Zeng, Yang Wang, A. Brinkmann","doi":"10.1109/tdsc.2023.3241184","DOIUrl":"https://doi.org/10.1109/tdsc.2023.3241184","url":null,"abstract":"Oblivious Random Access Machines (ORAMs) allow cloud users to access remote data without leaking access patterns. Current ORAM solutions achieve this goal at expense of either increasing bandwidth consumption by a factor of &lt;inline-formula&gt;&lt;tex-math notation=\"LaTeX\"&gt;$O(log N)$&lt;/tex-math&gt;&lt;alternatives&gt;&lt;mml:math&gt;&lt;mml:mrow&gt;&lt;mml:mi&gt;O&lt;/mml:mi&gt;&lt;mml:mo&gt;(&lt;/mml:mo&gt;&lt;mml:mo form=\"prefix\"&gt;log&lt;/mml:mo&gt;&lt;mml:mi&gt;N&lt;/mml:mi&gt;&lt;mml:mo&gt;)&lt;/mml:mo&gt;&lt;/mml:mrow&gt;&lt;/mml:math&gt;&lt;inline-graphic xlink:href=\"wang-ieq1-3241184.gif\"/&gt;&lt;/alternatives&gt;&lt;/inline-formula&gt;, where &lt;inline-formula&gt;&lt;tex-math notation=\"LaTeX\"&gt;$N$&lt;/tex-math&gt;&lt;alternatives&gt;&lt;mml:math&gt;&lt;mml:mi&gt;N&lt;/mml:mi&gt;&lt;/mml:math&gt;&lt;inline-graphic xlink:href=\"wang-ieq2-3241184.gif\"/&gt;&lt;/alternatives&gt;&lt;/inline-formula&gt; is the number of data blocks, or relying on homomorphic encryption for bandwidth amplification reduction to &lt;inline-formula&gt;&lt;tex-math notation=\"LaTeX\"&gt;$O(1)$&lt;/tex-math&gt;&lt;alternatives&gt;&lt;mml:math&gt;&lt;mml:mrow&gt;&lt;mml:mi&gt;O&lt;/mml:mi&gt;&lt;mml:mo&gt;(&lt;/mml:mo&gt;&lt;mml:mn&gt;1&lt;/mml:mn&gt;&lt;mml:mo&gt;)&lt;/mml:mo&gt;&lt;/mml:mrow&gt;&lt;/mml:math&gt;&lt;inline-graphic xlink:href=\"wang-ieq3-3241184.gif\"/&gt;&lt;/alternatives&gt;&lt;/inline-formula&gt;. Furthermore, most ORAMs are only effective for a single user, while the solutions for multi-user scenarios often induce security or performance problems. This article introduces &lt;italic&gt;Tianji&lt;/italic&gt; — an asynchronous multi-user Shamir-based ORAM system — which supports asynchronous network access scenarios for multiple users with improved security and performance. &lt;italic&gt;Tianji&lt;/italic&gt; is implemented on top of &lt;italic&gt;S&lt;inline-formula&gt;&lt;tex-math notation=\"LaTeX\"&gt;$^{3}$&lt;/tex-math&gt;&lt;alternatives&gt;&lt;mml:math&gt;&lt;mml:msup&gt;&lt;mml:mrow/&gt;&lt;mml:mn&gt;3&lt;/mml:mn&gt;&lt;/mml:msup&gt;&lt;/mml:math&gt;&lt;inline-graphic xlink:href=\"wang-ieq4-3241184.gif\"/&gt;&lt;/alternatives&gt;&lt;/inline-formula&gt;ORAM&lt;inline-formula&gt;&lt;tex-math notation=\"LaTeX\"&gt;$^+$&lt;/tex-math&gt;&lt;alternatives&gt;&lt;mml:math&gt;&lt;mml:msup&gt;&lt;mml:mrow/&gt;&lt;mml:mo&gt;+&lt;/mml:mo&gt;&lt;/mml:msup&gt;&lt;/mml:math&gt;&lt;inline-graphic xlink:href=\"wang-ieq5-3241184.gif\"/&gt;&lt;/alternatives&gt;&lt;/inline-formula&gt;&lt;/italic&gt;—an extension of the state-of-the-art Shamir-based S&lt;inline-formula&gt;&lt;tex-math notation=\"LaTeX\"&gt;$^{3}$&lt;/tex-math&gt;&lt;alternatives&gt;&lt;mml:math&gt;&lt;mml:msup&gt;&lt;mml:mrow/&gt;&lt;mml:mn&gt;3&lt;/mml:mn&gt;&lt;/mml:msup&gt;&lt;/mml:math&gt;&lt;inline-graphic xlink:href=\"wang-ieq6-3241184.gif\"/&gt;&lt;/alternatives&gt;&lt;/inline-formula&gt;ORAM with a new non-eviction data write-back scheme to achieve &lt;inline-formula&gt;&lt;tex-math notation=\"LaTeX\"&gt;$O(1)$&lt;/tex-math&gt;&lt;alternatives&gt;&lt;mml:math&gt;&lt;mml:mrow&gt;&lt;mml:mi&gt;O&lt;/mml:mi&gt;&lt;mml:mo&gt;(&lt;/mml:mo&gt;&lt;mml:mn&gt;1&lt;/mml:mn&gt;&lt;mml:mo&gt;)&lt;/mml:mo&gt;&lt;/mml:mrow&gt;&lt;/mml:math&gt;&lt;inline-graphic xlink:href=\"wang-ieq7-3241184.gif\"/&gt;&lt;/alternatives&gt;&lt;/inline-formula&gt; consumption in both bandwidth amplification and storage capacity. Our experimental results show that the proposed &lt;italic&gt;Tianji&lt;/italic&gt; with &lt;italic&gt;S&lt;inline-formula&gt;&lt;tex-math notation=\"LaTeX\"&gt;$^{3}$&lt;/tex-math&gt;&lt;alternatives&gt;&lt;mml:math&gt;&lt;mml:msup&gt;&lt;mml:mrow/&gt;&lt;mml:mn&gt;3&lt;/mml:mn&gt;&lt;/mml:msup&gt;&lt;/mml:math&gt;&lt;inline-graphic xlink:href=\"wang-ieq8-3241184.gif\"/&gt;&lt;/alternatives&gt;&lt;/i","PeriodicalId":13047,"journal":{"name":"IEEE Transactions on Dependable and Secure Computing","volume":"1 1","pages":"5143-5155"},"PeriodicalIF":7.3,"publicationDate":"2023-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"62410066","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信