Journal of Information Security and Applications最新文献

{"title":"Secure similar patients query with homomorphically evaluated thresholds","authors":"Mounika Pratapa,&nbsp;Aleksander Essex","doi":"10.1016/j.jisa.2024.103861","DOIUrl":"10.1016/j.jisa.2024.103861","url":null,"abstract":"<div><p>Patient-centric precision medicine requires the analysis of large volumes of genomic data to tailor treatments and medications based on individual-level characteristics. Because the amount of data held by a single institution is limited, researchers may want access to genomic data held by other institutions. Owing to the inherent privacy implications of genomic data, performing comparisons on <em>encrypted</em> data is preferable in certain settings. The <em>Similar patient query</em> (SPQ) is an application that enables a secure search across genomic databases for patients with similar genetic makeup. Query results can be used to draw meaningful conclusions regarding suitable therapies.</p><p>However, existing protocols either reveal intermediate computations, such as similarity scores, which can lead to membership-inference attacks, or they realize the ideal Boolean output (similar/not similar) through <em>multiple</em> protocol rounds, requiring the database owners to stay online throughout.</p><p>This paper introduces a two-party privacy-preserving approach to perform SPQs across encrypted genomic databases based on secure function extensions of additively homomorphic encryption. In contrast to related works, our scheme enables secure computation of genomic data similarity without an external party in a single round. This is achieved for more than 1000 positions of a genome in a single public key operation of 256-bit security level in the integer factorization setting.</p></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"85 ","pages":"Article 103861"},"PeriodicalIF":3.8,"publicationDate":"2024-08-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2214212624001637/pdfft?md5=03b251bf5e21af75bddaf15bffd0b4fd&pid=1-s2.0-S2214212624001637-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142006706","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"e-SAFE: A secure and efficient access control scheme with attribute convergence and user revocation in fog enhanced IoT for E-Health","authors":"Richa Sarma ,&nbsp;Sanjay Moulik","doi":"10.1016/j.jisa.2024.103859","DOIUrl":"10.1016/j.jisa.2024.103859","url":null,"abstract":"<div><p>The growth of IoT led to a surge in connected devices and data production in the medical field. Therefore, to meet the rising demand for modern healthcare services, Fog and Cloud services come as a rescue for IoT-based equipment. As data travels through several levels, providing security to such data is challenging. The CP-ABE cryptographic approach allows for efficient access control. However, none of the known cryptographic CP-ABE approaches that provide granular access control offers the following features: <em>attribute convergence</em>, <em>privileged access</em>, <em>user revocation</em>, and <em>outsourcing capabilities</em> altogether. Thus, we present <em>e-SAFE</em>, a CP-ABE approach which addresses all these issues. In addition, in <em>e-SAFE</em>, the data users with resource-constrained medical gadgets must save just a constant and small-size decryption key on their gadgets. According to our assessment of security and performance, <em>e-SAFE</em> is found to be a secure and efficient access control technique for IoT gadgets.</p></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"85 ","pages":"Article 103859"},"PeriodicalIF":3.8,"publicationDate":"2024-08-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141997724","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A robust medical image zero-watermarking algorithm using Collatz and Fresnelet Transforms","authors":"Pavani Meesala,&nbsp;Moumita Roy,&nbsp;Dalton Meitei Thounaojam","doi":"10.1016/j.jisa.2024.103855","DOIUrl":"10.1016/j.jisa.2024.103855","url":null,"abstract":"<div><p>Zero-watermarking in medical images is an emerging field that focuses on calculating the invisible data (key) using medical imagery to ensure data integrity and authenticity without compromising diagnostic accuracy. This paper introduces a robust zero-watermarking technique leveraging the Collatz and Fresnelet Transforms. The Forward Collatz Transform (FCT) is initially applied to create a secure and encrypted embedding pattern for medical images. Subsequently, the Fresnelet Transform (FT) is employed, offering superior localization and frequency selectivity. From the fresnelet values, we extract two strongest Oriented FAST and Rotated BRIEF (ORB) points to enhance watermark robustness, resulting in a 64-bit perceptual image hash. Our approach adopts a dual-layer security strategy by combining FCT and Cyclic-Shift-Transformation (CST) methods, significantly fortifying the protection of watermark image data. The watermark can be efficiently extracted using the Inverse Collatz Transform (ICT). A comprehensive performance analysis evaluates our system under single, double, and multiple attacks on medical images. Our experiments clearly show that our system outperforms existing methods in medical image watermarking, demonstrating its resilience against various manipulations. This approach can significantly improve data security and reliability in medical imaging applications.</p></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"85 ","pages":"Article 103855"},"PeriodicalIF":3.8,"publicationDate":"2024-08-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141993319","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Color image encryption scheme combining a 2D hyperchaotic Sin–Henon system and the division algorithm","authors":"Honglian Shen ,&nbsp;Xiuling Shan ,&nbsp;Zihong Tian","doi":"10.1016/j.jisa.2024.103858","DOIUrl":"10.1016/j.jisa.2024.103858","url":null,"abstract":"<div><p>As an important transmission medium, color images can provide more information, but in the process of image encryption, few algorithms fully consider the relationship between three color planes. To achieve a more secure and effective color image encryption effect, we propose a novel scheme combining a 2D hyperchaotic Sin–Henon system (2D-SH) and the division algorithm. 2D-SH is designed based on Sin mapping and Henon mapping, which has a broader chaotic range, better ergodicity, and more complicated chaotic behavior. The division algorithm is applied to the chaotic sequences produced by 2D-SH to generate a position matrix and two pseudo-random matrices for cross-plane scrambling and diffusion. The main encryption process involves three steps. Firstly, a color plaintext image is dimensionally reduced and preprocessed into a 2D pixel matrix to improve the efficiency of scrambling and diffusion. Secondly, the position matrix is used to achieve cross-plane scrambling. Finally, the pseudo-random matrices and the position matrix are used to realize synchronous diffusion and scrambling. The algorithm is simple in structure and can complete the encryption with only one round of the process. Simulation experiments and security analyses demonstrate that the proposed algorithm can not only encrypt images securely and fast, but also successfully pass various tests, demonstrating robustness and effectiveness. In addition, SH-CIEA outperforms some latest algorithms in terms of variance, entropy, and other aspects. The calculation time is nearly 0.61 s, showing its efficiency for practical applications.</p></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"85 ","pages":"Article 103858"},"PeriodicalIF":3.8,"publicationDate":"2024-08-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141993320","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Obfuscation undercover: Unraveling the impact of obfuscation layering on structural code patterns","authors":"Sebastian Raubitzek ,&nbsp;Sebastian Schrittwieser ,&nbsp;Elisabeth Wimmer ,&nbsp;Kevin Mallinger","doi":"10.1016/j.jisa.2024.103850","DOIUrl":"10.1016/j.jisa.2024.103850","url":null,"abstract":"<div><p>Malware often uses code obfuscation to evade detection, employing techniques such as packing, virtualization, and data encoding or encryption. Despite widespread application, the impact of combining these techniques in a particular order – so-called obfuscation layering – on code analysis remains poorly understood. This study advances previous research by examining the effects of obfuscation layering on the classification of obfuscation techniques contained in binary code, focusing on how different layering combinations alter structural code patterns. Utilizing a dataset of 85 C programs modified with various combinations of code obfuscation techniques, we analyze the impact of obfuscation layering on structural code metrics such as its control flow complexity. Our study demonstrates that obfuscation layering significantly affects the ability to classify obfuscated code and that the order of applied obfuscations is less significant for classification than previously assumed. Through explainability methodologies our work offers novel insights for malware analysts and researchers to improve their detection strategies.</p></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"85 ","pages":"Article 103850"},"PeriodicalIF":3.8,"publicationDate":"2024-08-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2214212624001522/pdfft?md5=3de2f994e091baa96e64c5d0c427f0b4&pid=1-s2.0-S2214212624001522-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141997723","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Contract-based hierarchical security aggregation scheme for enhancing privacy in federated learning","authors":"Qianjin Wei ,&nbsp;Gang Rao ,&nbsp;Xuanjing Wu","doi":"10.1016/j.jisa.2024.103857","DOIUrl":"10.1016/j.jisa.2024.103857","url":null,"abstract":"<div><p>Federated learning ensures the privacy of participant data by uploading gradients rather than private data. However, it has yet to address the issue of untrusted aggregators using gradient inference attacks to obtain user privacy data. Current research introduces encryption, blockchain, or secure multi-party computation to address these issues, but these solutions suffer from significant computational and communication overhead, often requiring a trusted third party. To address these challenges, this paper proposes a contract-based hierarchical secure aggregation scheme to enhance the privacy of federated learning. Firstly, the paper designs a general hierarchical federated learning model that distinguishes among training, aggregation, and consensus layers, replacing the need for a trusted third party with smart contracts. Secondly, to prevent untrusted aggregators from inferring the privacy data of each participant, the paper proposes a novel aggregation scheme based on Paillier and secret sharing. This scheme forces aggregators to aggregate participants’ model parameters, thereby preserving the privacy of gradients. Additionally, secret sharing ensures robustness for participants dynamically joining or exiting. Furthermore, at the consensus layer, the paper proposes an accuracy-based update algorithm to mitigate the impact of Byzantine attacks and allows for the introduction of other consensus methods to ensure scalability. Experimental results demonstrate that our scheme enhances privacy protection, maintains model accuracy without loss, and exhibits robustness against Byzantine attacks. The proposed scheme effectively protects participant privacy in practical federated learning scenarios.</p></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"85 ","pages":"Article 103857"},"PeriodicalIF":3.8,"publicationDate":"2024-08-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141978253","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Forensic analysis of web browsers lifecycle: A case study","authors":"Ahmed Raza ,&nbsp;Mehdi Hussain ,&nbsp;Hasan Tahir ,&nbsp;Muhammad Zeeshan ,&nbsp;Muhammad Adil Raja ,&nbsp;Ki-Hyun Jung","doi":"10.1016/j.jisa.2024.103839","DOIUrl":"10.1016/j.jisa.2024.103839","url":null,"abstract":"<div><p>The widespread integration of the internet into daily life across sectors such as healthcare, education, business, and entertainment has led to an increasing dependence on web applications. However, inherent technological vulnerabilities attract cybercriminals, necessitating robust security measures. While these security measures, including frequent updates/fixes to applications and operating systems, are essential, they also complicate forensic investigations. This research proposes a comprehensive approach to artifact identification and collection for examining browsing activities of Firefox, Chrome, and Edge on Windows 11. The methodology includes setting up and analyzing all stages of browser usage, such as installations, executions, uninstallations, and anomalous behaviors like crashes and restarts. Simulated cyber-criminal activities are used to collect artifacts at each stage, which are then analyzed using Windows 11 components such as the registry, memory, storage, and log locations. Experimental results reveal vulnerabilities, such as crashes, that can lead to the loss of sensitive information. This methodology provides a promising foundation for advancing browser forensic analysis and enhancing cybercrime investigations.</p></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"85 ","pages":"Article 103839"},"PeriodicalIF":3.8,"publicationDate":"2024-08-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141978254","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Privacy-preserving logistic regression with improved efficiency","authors":"Miaomiao Tian ,&nbsp;Jiale Liu ,&nbsp;Zhili Chen ,&nbsp;Shaowei Wang","doi":"10.1016/j.jisa.2024.103848","DOIUrl":"10.1016/j.jisa.2024.103848","url":null,"abstract":"<div><p>Logistic regression is a well-known method for classification and is being widely used in our daily life. To obtain a logistic regression model with sufficient accuracy, collecting a large number of data samples from multiple sources is necessary. However, in nowadays a concern about the leakage of private information contained in data samples becomes increasingly prominent, and thus privacy-preserving logistic regression that enables training logistic regression models without privacy leakage has received great attention from the community. Mohassel and Zhang at IEEE S&amp;P’17 presented a significant protocol for privacy-preserving logistic regression in two-server setting, where two non-colluding servers collaboratively train logistic regression models in an offline–online manner. In this work, we propose a new two-server-based protocol for privacy-preserving logistic regression with an efficient approach to activation function evaluation, which incurs much less computational overhead than Mohassel–Zhang protocol while requiring the same number of online rounds. We also present a round-efficient protocol for generating correlated randomness that will be used subsequently in our activation function evaluation. We implement our protocol in C++ and the experimental results validate its efficiency.</p></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"85 ","pages":"Article 103848"},"PeriodicalIF":3.8,"publicationDate":"2024-08-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141940363","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A deep reinforcement learning approach for security-aware service acquisition in IoT","authors":"Marco Arazzi ,&nbsp;Serena Nicolazzo ,&nbsp;Antonino Nocera","doi":"10.1016/j.jisa.2024.103856","DOIUrl":"10.1016/j.jisa.2024.103856","url":null,"abstract":"<div><p>The emerging Internet of Things (IoT) landscape is characterized by a high number of heterogeneous smart devices and services often provided by third parties. Although machine-based Service Level Agreements (SLA) have been recently leveraged to establish and share policies in this scenario, system owners do not always give full transparency regarding the security and privacy of the offered features. Hence, the issue of making end users aware of the overall system security levels and the fulfillment of their privacy requirements through the provision of the requested service remains a challenging task. To tackle this problem, we propose a complete framework that allows users to choose suitable levels of privacy and security requirements for service acquisition in IoT. Our approach leverages a Deep Reinforcement Learning solution in which a user agent, inside the environment, is trained to select the best encountered smart objects providing the user target services on behalf of its owner. This strategy is designed to allow the agent to learn from experience by moving in a complex, multi-dimensional environment and reacting to possible changes. During the learning phase, a key task for the agent is to adhere to deadlines while ensuring user security and privacy requirements. Finally, to assess the performance of the proposed approach, we carried out an extensive experimental campaign. The obtained results also show that our solution can be successfully deployed on very basic and simple devices typically available in an IoT setting.</p></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"85 ","pages":"Article 103856"},"PeriodicalIF":3.8,"publicationDate":"2024-08-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141940361","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"LSPR23: A novel IDS dataset from the largest live-fire cybersecurity exercise","authors":"Allard Dijk ,&nbsp;Emre Halisdemir ,&nbsp;Cosimo Melella ,&nbsp;Alari Schu ,&nbsp;Mauno Pihelgas ,&nbsp;Roland Meier","doi":"10.1016/j.jisa.2024.103847","DOIUrl":"10.1016/j.jisa.2024.103847","url":null,"abstract":"<div><p>Cybersecurity threats are constantly evolving and becoming increasingly sophisticated, automated, adaptive, and intelligent. This makes it difficult for organizations to defend their digital assets. Industry professionals are looking for solutions to improve the efficiency and effectiveness of cybersecurity operations, adopting different strategies. In cybersecurity, the importance of developing new intrusion detection systems (IDSs) to address these threats has emerged. Most of these systems today are based on machine learning. But these systems need high-quality data to “learn” the characteristics of malicious traffic. Such datasets are difficult to obtain and therefore rarely available.</p><p>This paper advances the state of the art and presents a new high-quality IDS dataset. The dataset originates from Locked Shields, one of the world’s most extensive live-fire cyber defense exercises. This ensures that (i) it contains realistic behavior of attackers and defenders; (ii) it contains sophisticated attacks; and (iii) it contains labels, as the actions of the attackers are well-documented.</p><p>The dataset includes approximately 16 million network flows, [F3] of which approximately 1.6 million were labeled malicious. What is unique about this dataset is the use of a new labeling technique that increases the accuracy level of data labeling.</p><p>We evaluate the robustness of our dataset using both quantitative and qualitative methodologies. We begin with a quantitative examination of the Suricata IDS alerts based on signatures and anomalies. Subsequently, we assess the reproducibility of machine learning experiments conducted by Känzig et al., who used a private Locked Shields dataset. We also apply the quality criteria outlined by the evaluation framework proposed by Gharib et al.</p><p>Using our dataset with an existing classifier, we demonstrate comparable results (F1 score of 0.997) to the original paper where the classifier was evaluated on a private dataset (F1 score of 0.984)</p></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"85 ","pages":"Article 103847"},"PeriodicalIF":3.8,"publicationDate":"2024-08-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141940365","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}