Security and Privacy最新文献

筛选
英文 中文
A resource efficient pseudo random number generator based on sawtooth maps for Internet of Things 基于锯齿映射的物联网资源高效伪随机数生成器
IF 1.9
Security and Privacy Pub Date : 2023-02-26 DOI: 10.1002/spy2.304
Unsub Zia, M. McCartney, B. Scotney, Jorge Martínez, Ali Sajjad
{"title":"A resource efficient pseudo random number generator based on sawtooth maps for Internet of Things","authors":"Unsub Zia, M. McCartney, B. Scotney, Jorge Martínez, Ali Sajjad","doi":"10.1002/spy2.304","DOIUrl":"https://doi.org/10.1002/spy2.304","url":null,"abstract":"The strength of cryptographic keys rely on the random number generators (RNGs) to produce random seed values. Unfortunately there are not many RNGs options suitable for Internet of Things (IoTs) scenario, due to limited processing resources and bulk quantity of IoT data that needs to be secured. In this article, we studied sawtooth map which is a chaotic map. However, when implemented on a computer, the sawtooth map results on a non‐chaotic orbit due to the finite precision of computation. This can be avoided if we use the sawtooth map as the local map in a coupled map lattice (CML) system. We explore such coupled map systems for randomness through entropy and statistical analysis. Based on the results, we propose a lightweight hybrid pseudo random number generator (PRNG) based on sawtooth based CML system and SPONGENT hashing. The proposed PRNG is thoroughly tested against statistical attacks, entropy analysis, key space analysis and compared with existing state of the art solutions. The results provide evidence that the proposed PRNG produces random numbers that could produce sufficiently strong cryptographic keys for resource constrained IoT devices.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":" ","pages":""},"PeriodicalIF":1.9,"publicationDate":"2023-02-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"41910894","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Study on early accurate diagnosis and treatment of COVID‐19 with smart phone tracking using bionics 基于仿生学的智能手机追踪早期准确诊断和治疗新冠肺炎的研究
IF 1.9
Security and Privacy Pub Date : 2023-02-15 DOI: 10.1002/spy2.303
Shweta Gupta, Adesh Kumar
{"title":"Study on early accurate diagnosis and treatment of COVID‐19 with smart phone tracking using bionics","authors":"Shweta Gupta, Adesh Kumar","doi":"10.1002/spy2.303","DOIUrl":"https://doi.org/10.1002/spy2.303","url":null,"abstract":"The replication of biological systems by mechanical and electronic devices is referred to as bionics. The bionics industry has grown along four primary application areas, in addition to hearing, vision, orthopedics, and a small, dispersed group of implants that enhance cardiac and neurological functions. The SARS‐CoV‐2 virus is the infectious disease known as coronavirus disease (COVID‐19). The virus‐infected people require assistance to better understand the situation caused by COVID‐19 and to bring some easy, efficient, and effective solutions. One of the solutions mentioned for the early stages involves wearable sensors with temperature sensors for early Covid‐19 identification and photos delivered to an AI‐enabled smartphone, robotic sensor, or robot itself. In severe situations, lung X‐ray images are captured by robotic and remote sensors, and the lungs are given the right medication to finish off the virus. The paper presents the study on the overview, applications of artificial intelligence, and deep learning from the bionics point of view. Deep learning and machine learning will be used for reducing the Covid‐19 outbreak. Wearable sensors provide important data by having temperature‐embedded sensors in several physical devices that reveal details about the environment and body that are connected. Covid‐19 probability prediction is aided by smartphones with artificial intelligence and machine learning capabilities. Case history, doctor notes, chest X‐ray reports, details on the sites of breakouts, and other criteria can help forecast the severity of Covid‐19 when it is in its severe phases and direct the administration of medication to a specific area of the lungs.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":" ","pages":""},"PeriodicalIF":1.9,"publicationDate":"2023-02-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"49317062","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Detecting and predicting countermeasures against clickjacking 检测和预测针对点击劫持的对策
IF 1.9
Security and Privacy Pub Date : 2023-02-06 DOI: 10.1002/spy2.302
Aryaman Nenavath, Srinivas Naik, Satyanarayana Vollala, Ruhul Amin
{"title":"Detecting and predicting countermeasures against clickjacking","authors":"Aryaman Nenavath, Srinivas Naik, Satyanarayana Vollala, Ruhul Amin","doi":"10.1002/spy2.302","DOIUrl":"https://doi.org/10.1002/spy2.302","url":null,"abstract":"Clickjacking is a fast‐growing threat for users online. Here, an attacker program shows a user‐interface (UI) which is entirely out of context, by concealing a very sensitive UI element and rendering it in such a way that it is not visible (transparent) to the end user. The user is then tricked into clicking on the hidden element. By exploiting cameras and publishing unwanted messages, these attacks have the potential to do significant harm. Many websites still lack server‐side minimum security (eg, X‐Frame‐Options header, Content‐Security‐Policy Header, etc) and are hence susceptible to clickjacking. Additionally, client‐side defense methods fare poorly and are ineffective against advanced clickjacking attack types. This paper focuses on dealing with the detection of a possibility of a website being clickjacked. It also predicts the Level of Security of a website against a clickjacking attack and the possible security countermeasures that could be taken to avoid a clickjacking attack on the website. Testing this approach on various websites has proved effective in detecting whether or not a website is vulnerable to clickjacking.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":"45 1","pages":""},"PeriodicalIF":1.9,"publicationDate":"2023-02-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"50980586","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Design of efficient storage and retrieval of medical records in blockchain based on InterPlanetary File System and modified bloom tree 基于InterPlanetary文件系统和改进bloom树的区块链医疗记录高效存储和检索设计
IF 1.9
Security and Privacy Pub Date : 2023-02-05 DOI: 10.1002/spy2.301
S. Sathiya Devi, Arumugam Bhuvaneswari
{"title":"Design of efficient storage and retrieval of medical records in blockchain based on InterPlanetary File System and modified bloom tree","authors":"S. Sathiya Devi, Arumugam Bhuvaneswari","doi":"10.1002/spy2.301","DOIUrl":"https://doi.org/10.1002/spy2.301","url":null,"abstract":"In the healthcare sector, medical records contain sensitive information about patients, so guaranteeing the confidentiality and integrity of it is essential. To improve the security of it, blockchain technology is being utilized. The blockchain is a type of distributed ledger and it keeps data securely while also generating trust without the need of third party. It has data storage constraint and Merkle tree preserves data integrity but it is inefficient when searching transactions within it. Hence this paper describes InterPlanetary File System (IPFS) based storage and modified bloom tree data structure which is a hybridization of bloom filter and Merkle tree for efficient searching. To protect data privacy, initially it encrypts medical records using ciphertext policy‐attribute based encryption and then the data stored on IPFS returns a hash value. To diminish the false positive rate (FPR), the hash returned by IPFS is stored in two parts of the bloom filter. The first part stores the data by using “k” non‐cryptographic hash function and second part stores the transformed data with the same hash function. The bloom tree is created using Merkle proof for verification of medical record in blockchain. The experiments show that the proposed method reduces the FPR rate and searching complexity is O(log2).","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":" ","pages":""},"PeriodicalIF":1.9,"publicationDate":"2023-02-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"48859696","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
An efficient caching security approach for content‐centric mobile networks in internet of things systems 物联网系统中以内容为中心的移动网络的高效缓存安全方法
IF 1.9
Security and Privacy Pub Date : 2023-01-23 DOI: 10.1002/spy2.294
Zhuang Du, M. Obaidat, Guowei Wu, K. Hsiao
{"title":"An efficient caching security approach for content‐centric mobile networks in internet of things systems","authors":"Zhuang Du, M. Obaidat, Guowei Wu, K. Hsiao","doi":"10.1002/spy2.294","DOIUrl":"https://doi.org/10.1002/spy2.294","url":null,"abstract":"With the expansion of internet of things (IoT), the IP‐based network architecture has been difficult to support the development of IoT. Content‐centric mobile networking (CCMN) models are based on naming the content to get rid of address‐space scarcity, caching the content at intermediate nodes to provide efficient data delivery, which can solve the development bottleneck of IoT. The in‐network caching is a key factor to enable practical deployments of CCMN. And it is also subject to serious security threats of cache pollution attacks (CPA), which can tamper the distribution of content and reduce the advantages of built‐in cache. In addition, the identity and trust mechanism of mobile devices are also important factors hindering the deployment of CCMN. However, existing caching security mechanisms cannot be applied directly, because the features of the built‐in cache, including ubiquity, mobility, and heterogeneity, bring new challenges on designing the caching security mechanism against CPA. In this article, we propose a lightweight CPA detection and defense approach for CCMN. We first model the attack and defense process of CPA as a dynamic game, which can optimize the performance of the attack detection. Then, we adopt popularity analysis to detect CPA, and accurately estimate the current network and attack state by a logical regression algorithm. Our design can also intelligently maintain the identity and trust mechanism. Finally, we design a punishment mechanism to deal with the attackers. Extensive simulations demonstrate that our approach can detect CPA efficiently, mitigate the impact of CPA effectively. Our game model can reduce the impact of locality‐disruption attack and false‐locality attack by 60% and 30%, respectively, compared with the state‐of‐the‐art methods. When the game reaches Nash equilibrium, our model can reduce the impact of CPA on cache hit ratio by 55% on average.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":" ","pages":""},"PeriodicalIF":1.9,"publicationDate":"2023-01-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"44179277","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
An attack volume metric 攻击量度量
IF 1.9
Security and Privacy Pub Date : 2023-01-23 DOI: 10.1002/spy2.298
Ibifubara Iganibo, Massimiliano Albanese, M. Mosko, Eric Bier, Alejandro E. Brito
{"title":"An attack volume metric","authors":"Ibifubara Iganibo, Massimiliano Albanese, M. Mosko, Eric Bier, Alejandro E. Brito","doi":"10.1002/spy2.298","DOIUrl":"https://doi.org/10.1002/spy2.298","url":null,"abstract":"For more than a decade, the notion of attack surface has been used to define the set of vulnerable assets that an adversary may exploit to penetrate a system, and various metrics have been developed to quantify the extent of a system's attack surface. However, most approaches to tackle this problem have failed to consider the complex interdependencies that exist between the many components of a distributed system, its vulnerabilities, and its configuration parameters. In our work, building upon previous research on vulnerability metrics and on graphical models to capture such interdependencies, we propose a novel approach to evaluate the potential risk associated with exposed vulnerabilities by studying how the effect of each vulnerability exploit propagates through chains of dependencies. Our analysis goes beyond the scope of traditional attack surface metrics, and considers the depth and implications of potential attacks, leading to the definition of a new family of metrics, which we refer to as attack volume metrics. We present experimental results illustrating how the proposed metric scales for graphs of realistic sizes, and illustrate its application to real‐world testbeds.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":" ","pages":""},"PeriodicalIF":1.9,"publicationDate":"2023-01-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"42561957","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
An onion with layers of hope and fear: A cross‐case analysis of the media representation of Tor Network reflecting theoretical perspectives of new technologies 一个充满希望和恐惧的洋葱:反映新技术理论视角的Tor网络媒体表现的跨案例分析
IF 1.9
Security and Privacy Pub Date : 2023-01-22 DOI: 10.1002/spy2.296
Thaís Sardá
{"title":"An onion with layers of hope and fear: A cross‐case analysis of the media representation of Tor Network reflecting theoretical perspectives of new technologies","authors":"Thaís Sardá","doi":"10.1002/spy2.296","DOIUrl":"https://doi.org/10.1002/spy2.296","url":null,"abstract":"The Onion Router (Tor) is a sophisticated web browser accompanied by an encrypted network that enables online anonymity, protecting people's privacy. Adopted by many as a counter‐surveillance mitigation around the world, legitimate users of Tor include the military, journalists, whistle‐blowers, and citizens from authoritarian regimes. This article shows that the data protection offered by Tor is consistently associated to criminal and anti‐social uses by the media. This research looks at the British press representation of Tor conducting a thematic analysis of articles published by six newspapers between 2008 and 2017. This analysis connects the press coverage to three theoretical approaches: moral panics, technological ambivalence, and liberation technology. This research demonstrates through three case studies that the media reproduces theoretical discussions about new technologies on Tor's portrayal, presenting cases with only positive, only negatives and both positive and negative uses. However, examples of optimistic views of Tor are rare, and the press coverage focuses mainly on the criminal uses, especially crypto markets and child pornography. Overall, the British press ignores a culture of surveillance and spreads a discourse of fear through a recurrent connection of Tor to horrifying uses, undermining any potential positive outcomes.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":"6 1","pages":""},"PeriodicalIF":1.9,"publicationDate":"2023-01-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"41639276","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Differential analysis of the NBC algorithm based on mixed integer linear programming model 基于混合整数线性规划模型的NBC算法的差分分析
IF 1.9
Security and Privacy Pub Date : 2023-01-20 DOI: 10.1002/spy2.297
Lan Zhang, Bin Yu, Liangsheng He
{"title":"Differential analysis of the NBC algorithm based on mixed integer linear programming model","authors":"Lan Zhang, Bin Yu, Liangsheng He","doi":"10.1002/spy2.297","DOIUrl":"https://doi.org/10.1002/spy2.297","url":null,"abstract":"This paper mainly studies mixed integer linear programming (MILP)‐based cryptanalysis on round‐reduced NBC algorithm with generalized Feistel structure. First, each component of the algorithm is equivalently described by linear inequality equations, and the propagation rules of differential characteristics and linear approximation are described, and an automatic search algorithm model of differential mode and linear mask mode based on MILP is established, and the minimum number of active S‐boxes and the corresponding differential mode and linear mask mode paths are obtained. Second, according to the NBC algorithm's 16‐bit block pull‐wire position permutation characteristics, the optimal full diffusion rounds of NBC‐128 algorithm and NBC‐256 algorithm are obtained by using approximate matrix multiplication theory to be six and eight respectively. Finally, based on the optimal number of full diffusion rounds of the algorithm, an automatic search algorithm model of impossible differential cryptanalysis is established, and the set of input differential patterns is traversed to obtain 11‐round impossible differential distinguishers of NBC‐128 algorithm and 14‐round impossible differential distinguishers of NBC‐256 algorithm respectively.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":" ","pages":""},"PeriodicalIF":1.9,"publicationDate":"2023-01-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"48511541","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Blockchain architecture and methodologies for internet of things environment 区块链物联网环境的体系结构和方法
IF 1.9
Security and Privacy Pub Date : 2023-01-17 DOI: 10.1002/spy2.299
Alireza Souri, Eyhab Al-Masri, S. Kumari
{"title":"Blockchain architecture and methodologies for internet of things environment","authors":"Alireza Souri, Eyhab Al-Masri, S. Kumari","doi":"10.1002/spy2.299","DOIUrl":"https://doi.org/10.1002/spy2.299","url":null,"abstract":"With the continuous maturity of big data technology and open source community in the internet of things (IoT) environment, the intelligent system architecture and ecosystem are booming and developing, and the commercial supporting tools are increasingly fast. On the other hand, blockchain architecture was primarily designed to facilitate distributed transactions by removing central management in a secured and safe environment. Blockchain technology can share and distribute big data structures that can securely store digital transactions without using a central point of authority. More importantly, blockchain allows for the automated execution of smart contracts in IoT. Therefore, the sensible management of blockchain-based big data techniques is necessary to increase the IoT architecture and network efficiency. The main contribution of this special issue is to highlight the new methods and directions focusing on blockchain-based methodologies to address the IoT environments. This special issue invited researchers to publish selected original articles presenting new solutions to solve hot challenges of this topic. We have received more than 25 submitted manuscripts in this special issue in March 2022. By applying an initial technical check for all manuscripts, peer-review process was applied for all submitted manuscripts. Then, based on the review comments, we have accepted 16 papers.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":" ","pages":""},"PeriodicalIF":1.9,"publicationDate":"2023-01-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"43571295","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Multi‐aspects AI‐based modeling and adversarial learning for cybersecurity intelligence and robustness: A comprehensive overview 网络安全智能和稳健性的多方面基于人工智能的建模和对抗性学习:全面综述
IF 1.9
Security and Privacy Pub Date : 2023-01-10 DOI: 10.1002/spy2.295
Iqbal H. Sarker
{"title":"Multi‐aspects AI‐based modeling and adversarial learning for cybersecurity intelligence and robustness: A comprehensive overview","authors":"Iqbal H. Sarker","doi":"10.1002/spy2.295","DOIUrl":"https://doi.org/10.1002/spy2.295","url":null,"abstract":"Due to the rising dependency on digital technology, cybersecurity has emerged as a more prominent field of research and application that typically focuses on securing devices, networks, systems, data and other resources from various cyber‐attacks, threats, risks, damages, or unauthorized access. Artificial intelligence (AI), also referred to as a crucial technology of the current Fourth Industrial Revolution (Industry 4.0 or 4IR), could be the key to intelligently dealing with these cyber issues. Various forms of AI methodologies, such as analytical, functional, interactive, textual as well as visual AI can be employed to get the desired cyber solutions according to their computational capabilities. However, the dynamic nature and complexity of real‐world situations and data gathered from various cyber sources make it challenging nowadays to build an effective AI‐based security model. Moreover, defending robustly against adversarial attacks is still an open question in the area. In this article, we provide a comprehensive view on “Cybersecurity Intelligence and Robustness,” emphasizing multi‐aspects AI‐based modeling and adversarial learning that could lead to addressing diverse issues in various cyber applications areas such as detecting malware or intrusions, zero‐day attacks, phishing, data breach, cyberbullying and other cybercrimes. Thus the eventual security modeling process could be automated, intelligent, and robust compared to traditional security systems. We also emphasize and draw attention to the future aspects of cybersecurity intelligence and robustness along with the research direction within the context of our study. Overall, our goal is not only to explore AI‐based modeling and pertinent methodologies but also to focus on the resulting model's applicability for securing our digital systems and society.","PeriodicalId":29939,"journal":{"name":"Security and Privacy","volume":" ","pages":""},"PeriodicalIF":1.9,"publicationDate":"2023-01-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"47310786","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信