Cybersecurity最新文献_第2页

TVRAVNF: an efficient low-cost TEE-based virtual remote attestation scheme for virtual network functions TVRAVNF：基于 TEE 的高效低成本虚拟网络功能远程验证方案

IF 3.1 4区计算机科学

Cybersecurity Pub Date : 2024-08-04 DOI: 10.1186/s42400-024-00235-7

Jie Yuan, Rui Xu, Xinghai Wei, Keji Miao, Dongxiao Liu

{"title":"TVRAVNF: an efficient low-cost TEE-based virtual remote attestation scheme for virtual network functions","authors":"Jie Yuan, Rui Xu, Xinghai Wei, Keji Miao, Dongxiao Liu","doi":"10.1186/s42400-024-00235-7","DOIUrl":"https://doi.org/10.1186/s42400-024-00235-7","url":null,"abstract":"With the continuous advancement of virtualization technology and the widespread adoption of 5G networks, the application of the Network Function Virtualization (NFV) architecture has become increasingly popular and prevalent. While the NFV architecture brings a lot of advantages, it also introduces security challenges, including the effective and efficient verification of the integrity of deployed Virtual Network Functions (VNFs) and ensuring the secure operation of VNFs. To address the challenge of efficiently conducting virtual remote attestation for VNFs and establishing trust in virtualized environments like NFV architecture, we propose TVRAVNF, which is a highly efficient and low-cost TEE-based virtual remote attestation scheme for VNFs. The scheme we proposed ensures the security and effectiveness of the virtual remote attestation process by leveraging TEE. Furthermore, we introduces a novel local attestation mechanism, which not only reduces the overall overhead of the virtual remote attestation process but also shortens the attestation interval to mitigate Time-Of-Check-Time-Of-Use attacks, thereby enhancing overall security. We conduct experiments to validate the overhead of the TVRAVNF scheme and compare its performance with that of a typical remote attestation process within a maximum unattested time interval. The experimental results demonstrate that, by employing the local attestation mechanism, our solution achieves nearly an 80% significant performance improvement with a relatively small time overhead for small to medium-sized files. This further substantiates the significant advantages of our approach in both security and efficiency.","PeriodicalId":36402,"journal":{"name":"Cybersecurity","volume":null,"pages":null},"PeriodicalIF":3.1,"publicationDate":"2024-08-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141932917","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Efficient post-quantum secure deterministic wallet scheme 高效的后量子安全确定性钱包方案

IF 3.1 4区计算机科学

Cybersecurity Pub Date : 2024-08-03 DOI: 10.1186/s42400-024-00216-w

Mingxing Hu, Zhen Liu, Yunhong Zhou

{"title":"Efficient post-quantum secure deterministic wallet scheme","authors":"Mingxing Hu, Zhen Liu, Yunhong Zhou","doi":"10.1186/s42400-024-00216-w","DOIUrl":"https://doi.org/10.1186/s42400-024-00216-w","url":null,"abstract":"Since the advent of Bitcoin, cryptocurrencies have gained substantial popularity, and crypto wallets have evolved into the predominant tool for safeguarding and managing cryptographic keys to access cryptocurrency funds. Deterministic wallets are proposed as an advanced wallet mechanism to provide benefits such as low-maintenance, easy backup and recovery, and support for functionalities required by cryptocurrencies. Alkeilani Alkadri et al. (ACM CCS’20) presented the first post-quantum secure deterministic wallet scheme, but it exhibits a gap to bridge before achieving practical applicability, as reflected in both their concrete parameters size and computational efficiency. In this paper, we propose an efficient post-quantum secure deterministic wallet scheme. In particular, we present a new construction method for deterministic wallets, prove the security in the quantum random oracle model, and provide an efficient instantiation. The comparison result, with the work of Alkeilani Alkadri et al. (ACM CCS’20), shows our work has a comprehensive improvement on efficiency, e.g., the pk size is (approx 40.7) times shorter, sk is (approx 9.2) times shorter, and the signing time is (approx 3.1) times faster.","PeriodicalId":36402,"journal":{"name":"Cybersecurity","volume":null,"pages":null},"PeriodicalIF":3.1,"publicationDate":"2024-08-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141932918","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Classification of DDoS attack traffic on SDN network environment using deep learning 利用深度学习对 SDN 网络环境中的 DDoS 攻击流量进行分类

IF 3.1 4区计算机科学

Cybersecurity Pub Date : 2024-08-02 DOI: 10.1186/s42400-024-00219-7

Urikhimbam Boby Clinton, Nazrul Hoque, Khumukcham Robindro Singh

{"title":"Classification of DDoS attack traffic on SDN network environment using deep learning","authors":"Urikhimbam Boby Clinton, Nazrul Hoque, Khumukcham Robindro Singh","doi":"10.1186/s42400-024-00219-7","DOIUrl":"https://doi.org/10.1186/s42400-024-00219-7","url":null,"abstract":"Distributed Denial of Service (DDoS) attack is a major threat to the Internet of Things (IoT), Software Defined Networks (SDN), and Cloud Computing Networks. Due to the tremendous applications of IoT networks, the number of DDoS attacks is increasing significantly, and most sophisticated DDoS attacks are generated through IoT botnets. An IoT botnet-based DDoS attack can disrupt the network quickly with a surge of malicious traffic. Especially in an SDN network, it is important to detect the DDoS attack before it occurs to the SDN controller. DDoS attacks on the centralized controller of the SDN can disrupt the whole network. So, identifying DDoS attacks at the earliest is a critical security measure for network experts and practitioners. In this paper, we analyze the DDoS attack on an SDN environment and develop a method to identify the DDoS attack using Deep Learning (DL). The proposed method converts the captured raw network traffic to image data and classifies the malicious data from normal data. The method is evaluated on our test-bed simulated dataset and two other benchmark datasets. The experimental comparison shows that the proposed method performs better on all three datasets, giving more than 99% classification accuracy.","PeriodicalId":36402,"journal":{"name":"Cybersecurity","volume":null,"pages":null},"PeriodicalIF":3.1,"publicationDate":"2024-08-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141887008","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Revisiting frequency-smoothing encryption: new security definitions and efficient construction 重温频率平滑加密：新的安全定义和高效构造

IF 3.1 4区计算机科学

Cybersecurity Pub Date : 2024-08-01 DOI: 10.1186/s42400-024-00208-w

Haobin Chen, Yue Yang, Siyi Lv

引用次数: 0

GLDOC: detection of implicitly malicious MS-Office documents using graph convolutional networks GLDOC：利用图卷积网络检测隐含恶意的 MS-Office 文档

IF 3.1 4区计算机科学

Cybersecurity Pub Date : 2024-07-25 DOI: 10.1186/s42400-024-00243-7

Wenbo Wang, Peng Yi, Taotao Kou, Weitao Han, Chengyu Wang

{"title":"GLDOC: detection of implicitly malicious MS-Office documents using graph convolutional networks","authors":"Wenbo Wang, Peng Yi, Taotao Kou, Weitao Han, Chengyu Wang","doi":"10.1186/s42400-024-00243-7","DOIUrl":"https://doi.org/10.1186/s42400-024-00243-7","url":null,"abstract":"Nowadays, the malicious MS-Office document has already become one of the most effective attacking vectors in APT attacks. Though many protection mechanisms are provided, they have been proved easy to bypass, and the existed detection methods show poor performance when facing malicious documents with unknown vulnerabilities or with few malicious behaviors. In this paper, we first introduce the definition of im-documents, to describe those vulnerable documents which show implicitly malicious behaviors and escape most of public antivirus engines. Then we present GLDOC—a GCN based framework that is aimed at effectively detecting im-documents with dynamic analysis, and improving the possible blind spots of past detection methods. Besides the system call which is the only focus in most researches, we capture all dynamic behaviors in sandbox, take the process tree into consideration and reconstruct both of them into graphs. Using each line to learn each graph, GLDOC trains a 2-channel network as well as a classifier to formulate the malicious document detection problem into a graph learning and classification problem. Experiments show that GLDOC has a comprehensive balance of accuracy rate and false alarm rate − 95.33% and 4.33% respectively, outperforming other detection methods. When further testing in a simulated 5-day attacking scenario, our proposed framework still maintains a stable and high detection accuracy on the unknown vulnerabilities.","PeriodicalId":36402,"journal":{"name":"Cybersecurity","volume":null,"pages":null},"PeriodicalIF":3.1,"publicationDate":"2024-07-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141782356","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Revealing the exploitability of heap overflow through PoC analysis 通过 PoC 分析揭示堆溢出的可利用性

IF 3.1 4区计算机科学

Cybersecurity Pub Date : 2024-07-18 DOI: 10.1186/s42400-024-00244-6

Qintao Shen, Guozhu Meng, Kai Chen

{"title":"Revealing the exploitability of heap overflow through PoC analysis","authors":"Qintao Shen, Guozhu Meng, Kai Chen","doi":"10.1186/s42400-024-00244-6","DOIUrl":"https://doi.org/10.1186/s42400-024-00244-6","url":null,"abstract":"The exploitable heap layouts are used to determine the exploitability of heap vulnerabilities in general-purpose applications. Prior studies have focused on using fuzzing-based methods to generate more exploitable heap layouts. However, the exploitable heap layout cannot fully demonstrate the exploitability of a vulnerability, as it is uncertain whether the attacker can control the data covered by the overflow. In this paper, we propose the Heap Overflow Exploitability Evaluator (Hoee), a new approach to automatically reveal the exploitability of heap buffer overflow vulnerabilities by evaluating proof-of-concepts (PoCs) generated by fuzzers. Hoee leverages several techniques to collect dynamic information at runtime and recover heap object layouts in a fine-grained manner. The overflow context is carefully analyzed to determine whether the sensitive pointer is corrupted, tainted, or critically used. We evaluate Hoee on 34 real-world CVE vulnerabilities from 16 general-purpose programs. The results demonstrate that Hoee accurately identifies the key factors for developing exploits in vulnerable contexts and correctly recognizes the behavior of overflow.","PeriodicalId":36402,"journal":{"name":"Cybersecurity","volume":null,"pages":null},"PeriodicalIF":3.1,"publicationDate":"2024-07-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141739606","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Threshold ring signature: generic construction and logarithmic size instantiation 阈值环签名：通用构造和对数大小实例化

IF 3.1 4区计算机科学

Cybersecurity Pub Date : 2024-07-11 DOI: 10.1186/s42400-024-00233-9

Huizhuo Wang, Yang Tao, Rui Zhang

引用次数: 0

FedSHE: privacy preserving and efficient federated learning with adaptive segmented CKKS homomorphic encryption FedSHE：利用自适应分段 CKKS 同态加密技术保护隐私并提高联合学习效率

IF 3.1 4区计算机科学

Cybersecurity Pub Date : 2024-07-04 DOI: 10.1186/s42400-024-00232-w

Yao Pan, Zheng Chao, Wang He, Yang Jing, Li Hongjia, Wang Liming

{"title":"FedSHE: privacy preserving and efficient federated learning with adaptive segmented CKKS homomorphic encryption","authors":"Yao Pan, Zheng Chao, Wang He, Yang Jing, Li Hongjia, Wang Liming","doi":"10.1186/s42400-024-00232-w","DOIUrl":"https://doi.org/10.1186/s42400-024-00232-w","url":null,"abstract":"Unprotected gradient exchange in federated learning (FL) systems may lead to gradient leakage-related attacks. CKKS is a promising approximate homomorphic encryption scheme to protect gradients, owing to its unique capability of performing operations directly on ciphertexts. However, configuring CKKS security parameters involves a trade-off between correctness, efficiency, and security. An evaluation gap exists regarding how these parameters impact computational performance. Additionally, the maximum vector length that CKKS can once encrypt, recommended by Homomorphic Encryption Standardization, is 16384, hampers its widespread adoption in FL when encrypting layers with numerous neurons. To protect gradients’ privacy in FL systems while maintaining practical performance, we comprehensively analyze the influence of security parameters such as polynomial modulus degree and coefficient modulus on homomorphic operations. Derived from our evaluation findings, we provide a method for selecting the optimal multiplication depth while meeting operational requirements. Then, we introduce an adaptive segmented encryption method tailored for CKKS, circumventing its encryption length constraint and enhancing its processing ability to encrypt neural network models. Finally, we present FedSHE, a privacy-preserving and efficient Federated learning scheme with adaptive Segmented CKKS Homomorphic Encryption. FedSHE is implemented on top of the federated averaging (FedAvg) algorithm and is available at https://github.com/yooopan/FedSHE. Our evaluation results affirm the correctness and effectiveness of our proposed method, demonstrating that FedSHE outperforms existing homomorphic encryption-based federated learning research efforts in terms of model accuracy, computational efficiency, communication cost, and security level.","PeriodicalId":36402,"journal":{"name":"Cybersecurity","volume":null,"pages":null},"PeriodicalIF":3.1,"publicationDate":"2024-07-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141552326","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

A privacy-preserving image retrieval scheme with access control based on searchable encryption in media cloud 基于媒体云中可搜索加密的带访问控制的隐私保护图像检索方案

IF 3.1 4区计算机科学

Cybersecurity Pub Date : 2024-07-03 DOI: 10.1186/s42400-024-00213-z

Miao Tian, Yushu Zhang, Yongming Zhang, Xiangli Xiao, Wenying Wen

{"title":"A privacy-preserving image retrieval scheme with access control based on searchable encryption in media cloud","authors":"Miao Tian, Yushu Zhang, Yongming Zhang, Xiangli Xiao, Wenying Wen","doi":"10.1186/s42400-024-00213-z","DOIUrl":"https://doi.org/10.1186/s42400-024-00213-z","url":null,"abstract":"With the popularity of the media cloud computing industry, individuals and organizations outsource image computation and storage to the media cloud server to reduce the storage burden. Media images usually contain a large amount of private information. To prevent disclosure of privacy of the image owners, media images are encrypted before uploading to the server. However, this operation will greatly limit the utilization of the image for the user, such as content-based image retrieval. We propose an efficient similarity query algorithm with access control based on Bkd-tree in this paper, in which a searchable encryption scheme is designed for similarity image retrieval, and the encrypted image is used to extract image features by a pre-trained CNN model. The Bkd-tree is utilized to generate an index tree for the image features to speed up retrieval and make it faster than linear indexing. Finally, the security performances of the proposed scheme is analyzed and the performance of this scheme is evaluated by experiments. The results show that the security of the image content and image features can be ensured, and it has a shorter retrieval time and higher retrieval efficiency.","PeriodicalId":36402,"journal":{"name":"Cybersecurity","volume":null,"pages":null},"PeriodicalIF":3.1,"publicationDate":"2024-07-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141513493","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Improved homomorphic evaluation for hash function based on TFHE 基于 TFHE 的哈希函数改进型同态评估

IF 3.1 4区计算机科学

Cybersecurity Pub Date : 2024-07-02 DOI: 10.1186/s42400-024-00204-0

Benqiang Wei, Xianhui Lu

{"title":"Improved homomorphic evaluation for hash function based on TFHE","authors":"Benqiang Wei, Xianhui Lu","doi":"10.1186/s42400-024-00204-0","DOIUrl":"https://doi.org/10.1186/s42400-024-00204-0","url":null,"abstract":"Homomorphic evaluation of hash functions offers a solution to the challenge of data integrity authentication in the context of homomorphic encryption. The earliest attempt to achieve homomorphic evaluation of SHA-256 hash function was proposed by Mella and Susella (in: Cryptography and coding—14th IMA international conference, IMACC 2013. Lecture notes in computer science, vol 8308. Springer, Heidelberg, pp 28–44, 2013. https://doi.org/10.1007/978-3-642-45239-0_3.) based on the BGV scheme. Unfortunately, their implementation faced significant limitations due to the exceedingly high multiplicative depth, rendering it impractical. Recently, a homomorphic implementation of SHA-256 based on the TFHE scheme (Homomorphic evaluation of SHA-256. https://github.com/zama-ai/tfhe-rs/tree/main/tfhe/examples/sha256_bool) brings it from theory to reality, however, its current efficiency remains insufficient. In this paper, we revisit the homomorphic evaluation of the SHA-256 hash function in the context of TFHE, further reducing the reliance on gate bootstrapping and enhancing evaluation latency. Specifically, we primarily utilize ternary gates to reduce the number of gate bootstrappings required for logic functions in message expansion and addition of modulo (2^{32}) in iterative compression. Furthermore, we demonstrate that our optimization techniques are applicable to the Chinese commercial cryptographic hash SM3. Finally, we give specific comparative implementations based on the TFHE-rs library. Experiments demonstrate that our optimization techniques lead to an improvement of approximately 35–50% compared with the state-of-the-art result under different cores.","PeriodicalId":36402,"journal":{"name":"Cybersecurity","volume":null,"pages":null},"PeriodicalIF":3.1,"publicationDate":"2024-07-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141513494","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0