Journal of Computer Security最新文献

{"title":"Adaptive multi-cascaded ResNet-based efficient multimedia steganography framework using hybrid mouth brooding fish-emperor penguin optimization mechanism","authors":"Garikamukkala Vijaya Kiran, Vidhya Krishnan","doi":"10.3233/jcs-230049","DOIUrl":"https://doi.org/10.3233/jcs-230049","url":null,"abstract":"A massive amount of data is transmitted in the Internet of Things (IoT). Nowadays, the concerning of security issues are the major factor while transferring data through wireless networks. Since, data privacy becomes complicated. In this research work, a newly proposed model for multimedia steganography is developed. Initially, the required video is obtained from the publically available datasets, and then the acquired input is subjected to the Adaptive Discrete Cosine Transformation (DCT) based block process. The optimal blocks are chosen by the Adaptive Multi-cascaded ResNet (AMC-ResNet) model for applying stego data. Here, the parameter optimization takes place in the DCT and ResNet model to enhance the steganography performance via the Mouth Brooding Fish Emperor Penguin Optimization (MBFEPO) derived from the Mouth Brooding Fish Algorithm (MBFA) and Emperor Penguin Optimization Algorithm (EPOA). Finally, the inverse DCT is employed at the blocks to get the final stego video. In the audio steganography phase, the wanted audio is gathered from external websites. The collected data are given to the Short-time Fourier Transform (STFT) to convert into the spectrogram image, and then the spectrogram image is given to the Adaptive DCT block, selecting the block to apply stego data. Thus, the blocks are selected with the utilization of the Adaptive Multi-cascaded ResNet (AMC-ResNet), where the parameters within the DCT and the ResNet are optimized via the same MBFEPO to improve the performance. After, the Inverse ADCT is applied to reconstruct the spectrogram image. Then, the resultant stego audio is obtained by using the Inverse STFT. Finally, several experiments are conducted to estimate the working ability of the proposed steganography model. The outcome of the recommended model shows 12.3%, 52.6%, 12.3%, and 84.3% better performance SFO, HBA, MBFA, and EPOA in terms of median. The recommended model performs superior performance rather than the existing approaches.","PeriodicalId":46074,"journal":{"name":"Journal of Computer Security","volume":null,"pages":null},"PeriodicalIF":0.9,"publicationDate":"2024-07-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141803397","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Securing Images using Bifid Cipher associated with Arnold Map","authors":"Sachin Kumar, Swati Suyal, Ashok Kumar","doi":"10.3233/jcs-230101","DOIUrl":"https://doi.org/10.3233/jcs-230101","url":null,"abstract":"In this paper, a scheme for image data security is designed by using Bifid cipher and Arnold map. The conventional 2D-Bifid cipher is changed to handle the encryption and decryption of color images. Further, a block-based method is realized using Arnold map to encrypt and decrypt the image data of square as well as non-square sizes. The proposed scheme is constructed on a widely adopted cryptographic framework, i.e., substitution-permutation design, where Bifid cipher-based scheme acts as a substitution layer and Arnold map-based scheme acts as a diffusion layer. The designed scheme has a huge key space with key sensitivity not only to accurate keys but also to their accurate orders. The practicability and performance of the designed scheme is validated by conducting a detailed analysis along with a comparative study. This paper contributes to a simple, efficient and secure image encryption method, which outperforms to the related works.","PeriodicalId":46074,"journal":{"name":"Journal of Computer Security","volume":null,"pages":null},"PeriodicalIF":1.2,"publicationDate":"2024-06-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141266709","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Identity-based chameleon hash from lattices","authors":"Yiming Li, Shengli Liu","doi":"10.3233/jcs-220121","DOIUrl":"https://doi.org/10.3233/jcs-220121","url":null,"abstract":"Identity-based chameleon hash (IBCH) is a cryptographic primitive with nice properties. IBCH equips each user with a trapdoor and the hash values can be publicly evaluated w.r.t. the identity of any user. On the one hand, it is hard to find collisions for the hash values without the user’s trapdoor. On the other hand, with the help of the user’s trapdoor, finding collisions becomes easy. An important application of IBCH is to upgrade an identity-based signature (IBS) scheme to an on-line/off-line identity-based signature (OO-IBS) scheme. OO-IBS is a useful tool to provide authenticity in lightweight smart devices, since it only involves light on-line computations and does not need key certificate. Up to now, there are many IBCH constructions from traditional number-theoretic assumptions like RSA, CDH, etc. However, none of the existing IBCH schemes achieve the post-quantum security in the standard model. In this paper, we propose a new IBCH scheme from lattices. The security of our IBCH is reduced to a well-accepted lattice-based assumption – the Short Integer Solution (SIS) assumption in the standard model. Our work provides the first post-quantum solution to IBCH in the standard model.","PeriodicalId":46074,"journal":{"name":"Journal of Computer Security","volume":null,"pages":null},"PeriodicalIF":1.2,"publicationDate":"2024-06-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141269943","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Practical multi-party private set intersection cardinality and intersection-sum protocols under arbitrary collusion1","authors":"You Chen, Ning Ding, Dawu Gu, Yang Bian","doi":"10.3233/jcs-230091","DOIUrl":"https://doi.org/10.3233/jcs-230091","url":null,"abstract":"Private set intersection cardinality (PSI-CA) and private intersection-sum with cardinality (PSI-CA-sum) are two primitives that enable data owners to learn the intersection cardinality of their data sets, with the difference that PSI-CA-sum additionally outputs the sum of the associated integer values of all the data that belongs to the intersection (i.e., intersection-sum). However, to the best of our knowledge, all existing multi-party PSI-CA (MPSI-CA) protocols are either limited by high computational cost or face security challenges under arbitrary collusion. As for multi-party PSI-CA-sum (MPSI-CA-sum), there is even no formalization for this notion at present, not to mention secure constructions for it. In this paper, we first present an efficient MPSI-CA protocol with two non-colluding parties. This protocol significantly decreases the number of parties involved in expensive interactive procedures, leading to a significant enhancement in runtime efficiency. Our numeric results demonstrate that the running time of this protocol is merely one-quarter of the time required by our proposed MPSI-CA protocol that is secure against arbitrary collusion. Therefore, in scenarios where performance is a priority, this protocol stands out as an excellent choice. Second, we successfully construct the first MPSI-CA protocol that achieves simultaneous practicality and security against arbitrary collusion. Additionally, we also conduct implementation to verify its practicality (while the previous results under arbitrary collusion only present theoretical analysis of performance, lacking real implementation). Numeric results show that by shifting the costly operations to an offline phase, the online computation can be completed in just 12.805 seconds, even in the dishonest majority setting, where 15 parties each hold a set of size 2 16 . Third, we formalize the concept of MPSI-CA-sum and present the first realization that ensures simultaneous practicality and security against arbitrary collusion. The computational complexity of this protocol is roughly twice that of our MPSI-CA protocol. Besides the main results, we introduce the concepts and efficient constructions of two novel building blocks: multi-party secret-shared shuffle and multi-party oblivious zero-sum check, which may be of independent interest.","PeriodicalId":46074,"journal":{"name":"Journal of Computer Security","volume":null,"pages":null},"PeriodicalIF":1.2,"publicationDate":"2024-04-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140741521","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"MVDet: Encrypted malware traffic detection via multi-view analysis","authors":"Susu Cui, Xueying Han, Cong Dong, Yun Li, Song Liu, Zhigang Lu, Yuling Liu","doi":"10.3233/jcs-230024","DOIUrl":"https://doi.org/10.3233/jcs-230024","url":null,"abstract":"Detecting encrypted malware traffic promptly to halt the further propagation of an attack is critical. Currently, machine learning becomes a key technique for extracting encrypted malware traffic patterns. However, due to the dynamic nature of network environments and the frequent updates of malware, current methods face the challenges of detecting unknown malware traffic in open-world environment. To address the issue, we introduce MVDet, a novel method that employs machine learning to mine the behavioral features of malware traffic based on multi-view analysis. Unlike traditional methods, MVDet innovatively characterizes the behavioral features of malware traffic at 4-tuple flows from four views: statistical view, DNS view, TLS view, and business view, which is a more stable feature representation capable of handling complex network environments and malware updates. Additionally, we achieve a short-time behavioral features construction, significantly reducing the time cost for feature extraction and malware detection. As a result, we can detect malware behavior at an early stage promptly. Our evaluation demonstrates that MVDet can detect a wide variety of known malware traffic and exhibits efficient and robust detection in both open-world and unknown malware scenarios. MVDet outperforms state-of-the-art methods in closed-world known malware detection, open-world known malware detection, and open-world unknown malware detection.","PeriodicalId":46074,"journal":{"name":"Journal of Computer Security","volume":null,"pages":null},"PeriodicalIF":1.2,"publicationDate":"2024-02-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139782042","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"MVDet: Encrypted malware traffic detection via multi-view analysis","authors":"Susu Cui, Xueying Han, Cong Dong, Yun Li, Song Liu, Zhigang Lu, Yuling Liu","doi":"10.3233/jcs-230024","DOIUrl":"https://doi.org/10.3233/jcs-230024","url":null,"abstract":"Detecting encrypted malware traffic promptly to halt the further propagation of an attack is critical. Currently, machine learning becomes a key technique for extracting encrypted malware traffic patterns. However, due to the dynamic nature of network environments and the frequent updates of malware, current methods face the challenges of detecting unknown malware traffic in open-world environment. To address the issue, we introduce MVDet, a novel method that employs machine learning to mine the behavioral features of malware traffic based on multi-view analysis. Unlike traditional methods, MVDet innovatively characterizes the behavioral features of malware traffic at 4-tuple flows from four views: statistical view, DNS view, TLS view, and business view, which is a more stable feature representation capable of handling complex network environments and malware updates. Additionally, we achieve a short-time behavioral features construction, significantly reducing the time cost for feature extraction and malware detection. As a result, we can detect malware behavior at an early stage promptly. Our evaluation demonstrates that MVDet can detect a wide variety of known malware traffic and exhibits efficient and robust detection in both open-world and unknown malware scenarios. MVDet outperforms state-of-the-art methods in closed-world known malware detection, open-world known malware detection, and open-world unknown malware detection.","PeriodicalId":46074,"journal":{"name":"Journal of Computer Security","volume":null,"pages":null},"PeriodicalIF":1.2,"publicationDate":"2024-02-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139842212","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Prioritization and exchange chains in privacy-preserving kidney exchange","authors":"Malte Breuer, Pascal Hein, Leonardo Pompe, Urike Meyer, Susanne Wetzel","doi":"10.3233/jcs-230012","DOIUrl":"https://doi.org/10.3233/jcs-230012","url":null,"abstract":"The Kidney Exchange Problem (KEP) aims at finding an optimal set of exchanges among pairs of patients and their medically incompatible living kidney donors as well as altruistic donors who are not associated with any particular patient but want to donate a kidney to any person in need. Existing platforms that offer the finding of such exchanges for patient-donor pairs and altruistic donors are organized in a centralized fashion and operated by a single platform operator. This makes them susceptible to manipulation and corruption. Recent research has targeted these security issues by proposing decentralized Secure Multi-Party Computation (SMPC) protocols for solving the KEP. However, these protocols fail to meet two important requirements for kidney exchange in practice. First, they do not allow for altruistic donors. While such donors are not legally allowed in all countries, they have been shown to have a positive effect on the number of transplants that can be found. Second, the existing SMPC protocols do not support prioritization, which is used in existing platforms to give priority to certain exchanges or patient-donor pairs, e.g., to patients who are hard to match due to their medical characteristics. In this paper, we introduce a generic gate for implementing prioritization in kidney exchange. We extend two existing SMPC protocols for solving the KEP such that they allow for altruistic donors and prioritization and present one novel SMPC protocol for solving the KEP with altruistic donors and prioritization based on dynamic programming. We prove the security of all protocols and analyze their complexity. We implement all protocols and evaluate their performance for the setting where altruistic donors are legally allowed and for the setting where they are not. Thereby, we determine the performance impact of the inclusion of altruistic donors and obtain those approaches that perform best for each setting.","PeriodicalId":46074,"journal":{"name":"Journal of Computer Security","volume":null,"pages":null},"PeriodicalIF":1.2,"publicationDate":"2024-02-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139864228","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Prioritization and exchange chains in privacy-preserving kidney exchange","authors":"Malte Breuer, Pascal Hein, Leonardo Pompe, Urike Meyer, Susanne Wetzel","doi":"10.3233/jcs-230012","DOIUrl":"https://doi.org/10.3233/jcs-230012","url":null,"abstract":"The Kidney Exchange Problem (KEP) aims at finding an optimal set of exchanges among pairs of patients and their medically incompatible living kidney donors as well as altruistic donors who are not associated with any particular patient but want to donate a kidney to any person in need. Existing platforms that offer the finding of such exchanges for patient-donor pairs and altruistic donors are organized in a centralized fashion and operated by a single platform operator. This makes them susceptible to manipulation and corruption. Recent research has targeted these security issues by proposing decentralized Secure Multi-Party Computation (SMPC) protocols for solving the KEP. However, these protocols fail to meet two important requirements for kidney exchange in practice. First, they do not allow for altruistic donors. While such donors are not legally allowed in all countries, they have been shown to have a positive effect on the number of transplants that can be found. Second, the existing SMPC protocols do not support prioritization, which is used in existing platforms to give priority to certain exchanges or patient-donor pairs, e.g., to patients who are hard to match due to their medical characteristics. In this paper, we introduce a generic gate for implementing prioritization in kidney exchange. We extend two existing SMPC protocols for solving the KEP such that they allow for altruistic donors and prioritization and present one novel SMPC protocol for solving the KEP with altruistic donors and prioritization based on dynamic programming. We prove the security of all protocols and analyze their complexity. We implement all protocols and evaluate their performance for the setting where altruistic donors are legally allowed and for the setting where they are not. Thereby, we determine the performance impact of the inclusion of altruistic donors and obtain those approaches that perform best for each setting.","PeriodicalId":46074,"journal":{"name":"Journal of Computer Security","volume":null,"pages":null},"PeriodicalIF":1.2,"publicationDate":"2024-02-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139804424","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Ensuring cybersecurity for industrial networks: A solution for ARP-based MITM attacks","authors":"Danilo Bruschi, Andrea Di Pasquale, A. Lanzi, Elena Pagani","doi":"10.3233/jcs-230023","DOIUrl":"https://doi.org/10.3233/jcs-230023","url":null,"abstract":"The increased adoption of the Internet Protocol (IP) in ICSs has made these systems vulnerable to the same security risks that are present in traditional IT environments. The legacy nature of ICSs and their unique operational requirements make them vulnerable to security threats that are different from those in IT environments. In this paper, we describe a protocol, named ArpON, which is able to wipe out in quasi real time any ARP cache poisoning attempt, thus making it ineffective. Contrarily to solutions presented in the literature for contrasting ARP cache poisoning, ArpON incurs in low operational costs, is backward compatible, transparent to the ARP protocol and does not use any HW feature nor cryptography functionality. We also model and validate ArpON in the OMNET + + network simulator. The simulation results show that ArpON is effective in avoiding ARP poisoning, and its communication overhead is negligible with respect to classical ARP protocol.","PeriodicalId":46074,"journal":{"name":"Journal of Computer Security","volume":null,"pages":null},"PeriodicalIF":1.2,"publicationDate":"2024-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139819891","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Ensuring cybersecurity for industrial networks: A solution for ARP-based MITM attacks","authors":"Danilo Bruschi, Andrea Di Pasquale, A. Lanzi, Elena Pagani","doi":"10.3233/jcs-230023","DOIUrl":"https://doi.org/10.3233/jcs-230023","url":null,"abstract":"The increased adoption of the Internet Protocol (IP) in ICSs has made these systems vulnerable to the same security risks that are present in traditional IT environments. The legacy nature of ICSs and their unique operational requirements make them vulnerable to security threats that are different from those in IT environments. In this paper, we describe a protocol, named ArpON, which is able to wipe out in quasi real time any ARP cache poisoning attempt, thus making it ineffective. Contrarily to solutions presented in the literature for contrasting ARP cache poisoning, ArpON incurs in low operational costs, is backward compatible, transparent to the ARP protocol and does not use any HW feature nor cryptography functionality. We also model and validate ArpON in the OMNET + + network simulator. The simulation results show that ArpON is effective in avoiding ARP poisoning, and its communication overhead is negligible with respect to classical ARP protocol.","PeriodicalId":46074,"journal":{"name":"Journal of Computer Security","volume":null,"pages":null},"PeriodicalIF":1.2,"publicationDate":"2024-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139880154","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}