IEEE Information forensic and security Title and Abstract 2016

For Details, Contact TSYS Academic Projects.
Ph: 9841103123, 044-42607879, Website: http://www.tsys.co.in/
Mail Id: tsysglobalsolutions2014@gmail.com.
IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY TOPICS
2016
ActiveTrust: Secure and Trustable Routing in Wireless Sensor Networks
Abstract - Wireless sensor networks (WSNs) are increasingly being deployed in security-critical
applications. Because of their inherent resource-constrained characteristics, they are prone to
various security attacks, and a black hole attack is a type of attack that seriously affects data
collection. To conquer that challenge, an active detection-based security and trust routing scheme
named ActiveTrust is proposed for WSNs. The most important innovation of ActiveTrust is that
it avoids black holes through the active creation of a number of detection routes to quickly detect
and obtain nodal trust and thus improve the data route security. More importantly, the generation
and distribution of detection routes are given in the ActiveTrust scheme, which can fully use the
energy in non-hotspots to create as many detection routes as needed to achieve the desired
security and energy efficiency. Both comprehensive theoretical analysis and experimental results
indicate that the performance of the ActiveTrust scheme is better than that of previous studies.
ActiveTrust can significantly improve the data route success probability and ability against black
hole attacks and can optimize network lifetime.
IEEE Transactions on Information Forensics and Security (May 2016)
Cryptoleq: A Heterogeneous Abstract Machine for Encrypted and Unencrypted
Computation
Abstract - The rapid expansion and increased popularity of cloud computing comes with no
shortage of privacy concerns about outsourcing computation to semi-trusted parties. Leveraging
the power of encryption, in this paper we introduce Cryptoleq: an abstract machine based on the
concept of One Instruction Set Computer, capable of performing general-purpose computation
on encrypted programs. The program operands are protected using the Paillier partially
homomorphic cryptosystem, which supports addition on the encrypted domain. Full
homomorphism over addition and multiplication, which is necessary for enabling general-
purpose computation, is achieved by inventing a heuristically obfuscated software re-encryption
module written using Cryptoleq instructions and blended into the executing program. Cryptoleq

is heterogeneous, allowing mixing encrypted and unencrypted instruction operands in the same
program memory space. Programming with Cryptoleq is facilitated using an enhanced assembly
language that allows development of any advanced algorithm on encrypted datasets. In our
evaluation, we compare Cryptoleq’s performance against a popular fully homomorphic
encryption library, and demonstrate correctness using a typical Private Information Retrieval
problem.
Intent-based Extensible Real-time PHP Supervision Framework
Abstract - Protecting web applications is increasingly important due to their high popularity and
wide adoption. Therefore, a multitude of protection techniques emerged in effort to secure web
applications, specifically considering valuable and private data commonly processed by such
applications. Based on an overview of currently existing protection techniques, a generic and
extensible PHP-oriented protection framework is proposed. The concept of application developer
intent is introduced and compared to other concepts such as enforced security policies commonly
used in existing protection approaches. The proposed framework is mainly focused on
application developer intention understanding. Supervising the application execution in real-time
makes it possible to detect deviations from the intended behaviour and prevent potentially
malicious activity. Additional aspects of application behaviour such as database-related
communications or generated web page structure can be analysed due to the extensible
architecture of the framework.
Boosting 3D LBP-Based Face Recognition by Fusing Shape and Texture Descriptors on the
Mesh
Abstract - In this paper, we present a novel approach for fusing shape and texture local binary
patterns (LBPs) on a mesh for 3D face recognition. Using a recently proposed framework, we
compute LBP directly on the face mesh surface, then we construct a grid of the regions on the
facial surface that can accommodate global and partial descriptions. Compared with its depth-
image counterpart, our approach is distinguished by the following features: 1) inherits the
intrinsic advantages of mesh surface (e.g., preservation of the full geometry); 2) does not require

normalization; and 3) can accommodate partial matching. In addition, it allows early level fusion
of texture and shape modalities. Through experiments conducted on the BU-3DFE and
Bosphorus databases, we assess different variants of our approach with regard to facial
expressions and missing data, also in comparison to the state-of-the-art solutions.
Efficient and Anonymous Mobile User Authentication Protocol Using Self-certified Public
Keys Cryptography for Multi-server Architectures
Abstract - Rapid advances in wireless communication technologies have paved the way for a
wide range of mobile devices to become increasingly ubiquitous and popular. Mobile devices
enable anytime, anywhere access to the Internet. The fast growth of many types of mobile
services used by various users has made the traditional single-server architecture inefficient in
terms of its functional requirements. To ensure the availability of various mobile services, there
is a need to deploy multi-server architectures. To ensure the security of various mobile services
applications, the Anonymous Mobile User Authentication (AMUA) protocol without online
registration using the Self-Certified Public Key Cryptography (SCPKC) for multi-server
architectures was proposed in the past. However, most of past AMUA solutions suffer from
malicious attacks or have unacceptable computation and communication costs. To address these
drawbacks, we propose a new AMUA protocol that uses the SCPKC for multi-server
architectures. In contrast to existing AMUA protocols, our proposed AMUA protocol incurs
lower computation and communication costs. By comparing with two of the latest AMUA
protocols, the computation and the communication costs of our protocol are at least 74.93% and
37.43% lower than them respectively. Moreover, the security analysis of our AMUA protocol
demonstrates that it satisfies the security requirements in practical applications and is provably
secure in the novel security model. By maintaining security at various levels, our AMUA
protocol is more practical for various mobile applications.
An Exploration of Geographic Authentication Schemes
Abstract - We design and explore the usability and security of two geographic authentication
schemes: GeoPass and GeoPass- Notes. GeoPass requires users to choose a place on a digital

map to authenticate with (a location password). GeoPassNotes—an extension of GeoPass—
requires users to annotate their location password with a sequence of words that they can
associate with the location (an annotated location password). In GeoPassNotes, users are
authenticated by correctly entering both a location and an annotation. We conducted user studies
to test the usability and assess the security of location passwords and annotated location
passwords. The results indicate that both variants are highly memorable, and that annotated
location passwords may be more advantageous than location passwords alone due to their
increased security and the minimal usability impact introduced by the annotation.
Audio Authentication by Exploring the Absolute-Error-Map of ENF Signals
Abstract - Recently, the electric network frequency (ENF), a natural signature embedded in
many audio recordings, has been utilized as a criterion to examine the authenticity of audio
recordings. ENF-based audio authentication system involves extraction of the ENF signal from a
questioned audio recording, and matching it with the reference signal stored in an ENF database.
This establishes a popular application of audio timestamp verification. In this paper, we explore
another important application, i.e., ENF-based audio tampering detection, which has received
less research attention. Specifically, we introduce the absolute-error-map (AEM) between the
ENF signals obtained from the testing audio recording and the database. The AEM serves as an
ensemble of the raw data associated with the ENF matching process. Through intensive analysis
of the AEM, we propose two algorithms to jointly deal with timestamp verification and
tampering detection, including insertion, deletion, and splicing attacks, respectively. The first
algorithm is based on exhaustive point search and measurement, while the second algorithm
leverages the image erosion technique to achieve fast detection of tampering type and tampered
region, thus the second algorithm sacrifices some accuracy for speed. The authentication
mechanism is that the system first determines if the testing data have been tampered with, and
then outputs the timestamp information if no tampering is detected. Otherwise, it outputs the
tampering type and tampered region. We demonstrate the effectiveness of the proposed solution
via both synthetic and practical examples from our practically deployed audio authentication
system.

Personal Identification using Minor Knuckle Patterns from Palm Dorsal Surface
Abstract - Finger or palm dorsal surface is inherently revealed while presenting (slap)
fingerprints during border crossings or during day-to-day activities like driving, holding arms,
signing documents or playing sports. Finger knuckle patterns are believed to be correlated with
the anatomy of fingers that involve complex interaction of finger bones, tissues, and skin which
can be uniquely identify the individuals. This paper investigates the possibility of using lowest
finger knuckle patterns formed on joints between the metacarpal and proximal phalanx bones for
the automated personal identification. We automatically segment such region of interest from the
palm dorsal images and normalize/enhance them to accommodate illumination, scale and pose
variations resulting from the contactless imaging. The normalized knuckle images are
investigated for the matching performance using several spatial and spectral domain approaches.
We use database of 501 different subjects acquired from the contactless hand imaging to
ascertain the performance. This paper also evaluate the possibility of using palm dorsal surface
regions, along with their combination with minor knuckle patterns, and provides palm dorsal
image database from 712 different subjects for the performance evaluation. The experimental
results presented in this paper are very encouraging and demonstrates the potential of such
unexplored minor finger knuckle patterns for the biometrics applications.
An Efficient Privacy-Preserving Outsourced Calculation Toolkits with Multiple Keys
Abstract - In this paper, we propose a toolkit for efficient and privacy-preserving outsourced
calculation under multiple encrypted keys, which we refer to as EPOM. Using EPOM, a large
scale of users can securely outsource their data to a cloud server for storage. Moreover,
encrypted data belonging to multiple users can be processed without compromising on the
security of the individual user’s (original) data and the final computed results. To reduce the
associated key management cost and private key exposure risk in EPOM, we present a
Distributed Two-Trapdoor Public-Key Cryptosystem (DT-PKC), the core cryptographic
primitive. We also present the toolkits to ensure that the commonly used integer operations can

be securely handled across different encrypted domains. We then prove that the proposed EPOM
achieves the goal of secure integer number processing without resulting in privacy leakage of
data to unauthorized parties. Lastly, we demonstrate the utility and the efficiency of EPOM using
simulations.
Neural Markers of Cybersecurity: An fMRI Study of Phishing, and Malware Warnings
Abstract - The security of computer systems often relies upon decisions and actions of end
users. In this paper, we set out to investigate users’ susceptibility to cybercriminal attacks by
concentrating at the most fundamental component governing user behavior – the human brain.
We introduce a novel neuroscience-based study methodology to inform the design of user-
centered security systems as it relates to cybercrime. Specifically, we report on an fMRI study
measuring users’ security performance and underlying neural activity with respect to two critical
security tasks: (1) distinguishing between a legitimate and a phishing website, and (2) heeding
security (malware) warnings. We identify neural markers that might be controlling users’
performance in these tasks, and establish relationships between brain activity and behavioral
performance as well as between users’ personality traits and security behavior. Our results
provide a largely positive perspective on users’ capability and performance vis-à-vis these
crucial security tasks. First, we show that users exhibit significant brain activity in key regions
associated with decision-making, attention, and problem-solving (phishing and malware
warnings) as well as language comprehension and reading (malware warnings), which means
that users are actively engaged in these security tasks. Second, we demonstrate that certain
individual traits, such as impulsivity measured via an established questionnaire, are associated
with a significant negative effect on brain activation in these tasks. Third, we discover a high
degree of correlation in brain activity (in decision-making regions) across phishing detection and
malware warnings tasks, which implies that users’ behavior in one task may potentially be
predicted by their behavior in the other. Fourth, we discover high functional connectivity among
the core regions of the brain while users performed the phishing detection task. Fi- ally, we
discuss the broader impacts and implications of our work on the field of user-centered security,
including the domain of security education, targeted security training, and security screening.

Secure Transmission Against Pilot Spoofing Attack: A Two-Way Training-Based Scheme
Abstract - The pilot spoofing attack is one kind of active eavesdropping activities conducted by
a malicious user during the channel training phase. By transmitting the identical pilot (training)
signals as those of the legal users, such an attack is able to manipulate the channel estimation
outcome, which may result in a larger channel rate for the adversary but a smaller channel rate
for the legitimate receiver. With the intention of detecting the pilot spoofing attack and
minimizing its damages, we design a two-way training-based scheme. The effective detector
exploits the intrusive component created by the adversary, followed by a secure beamforming-
assisted data transmission. In addition to the solid detection performance, this scheme is also
capable of obtaining the estimations of both legitimate and illegitimate channels, which allows
the users to achieve secure communication in the presence of pilot spoofing attack. The detection
probability is evaluated based on the derived test threshold at a given requirement on the
probability of false alarming. The achievable secrecy rate is utilized to measure the security level
of the data transmission. Our analysis shows that even without any pre-assumed knowledge of
eavesdropper, the proposed scheme is still able to achieve the maximal secrecy rate in certain
cases. Numerical results are provided to show that our scheme could achieve a high detection
probability as well as secure transmission.
Security Analysis and Improvements on Two Homomorphic Authentication Schemes for
Network Coding
Abstract - Recently, based on the homomorphic signatures, the authentication schemes, such as
homomorphic subspace signature (HSS) and key predistribution-based tag encoding (KEPTE),
have been proposed to resist against pollution attacks in network coding. In this paper, we show
that there exists an efficient multi-generation pollution attack on HSS and KEPTE. In particular,
we show that using packets and their signatures of different generations, the adversary can create
invalid packets and their corresponding signatures that pass the verification of HSS and KEPTE
at intermediate the nodes as well as at the destination nodes. After giving a more generic attack,
we analyze the cause of the proposed attack. We then propose the improved key distribution

schemes for HSS and KEPTE, respectively. Next, we show that the proposed key distribution
schemes can combat against the proposed multi-generation pollution attacks. Finally, we analyze
the computation and communication costs of the proposed key distribution schemes for HSS and
KEPTE, and by implementing experiments, we demonstrate that the proposed schemes add
acceptable burden on the system.
Achieving Probabilistic Anonymity in a Linear and Hybrid Randomization Model
Abstract - The randomization methods that are applied for privacypreserving data mining are
commonly subject to reconstruction, linkage, and semantic-related attacks. Some existing works
employed random noise addition to realize probabilistic anonymity, aiming only at linkage
attacks. Random noise addition is vulnerable to reconstruction attacks, and is unable to achieve
semantic closeness, particularly on high-dimensional data, to prevent semantic-related attacks.
For linkage attacks, the main security vulnerability of their proposed probabilistic anonymity lies
in the assumption that the attacker had a priori knowledge of the quasi-identifiers of all
individuals. When only some individuals leak their quasi-identifiers, the proposed model will
become incapable because the attacker can deploy a different linkage attack that has not been
studied before. This type of attack is much easier to deploy and is thus very harmful. In this
paper, we propose new frameworks of probabilistic (1,k)- and (k,k)-anonymity to defend against
all these linkage attacks, and realize the frameworks on a hybrid randomization model. The
model is also secure against reconstruction attacks. We further achieve statistical semantic
closeness of highdimensional data to prevent semantic-related attacks on the model. The
frameworks also allow us to re-design the traditional K-nearest neighbors algorithm to leverage
the introduced data uncertainty and improve the mining results. Our work demonstrates
promising applications in large-scale and high-dimensional data mining in clouds, by providing
high efficiency and security to protect data privacy, guaranteeing high data utility for mining
purposes, on-time processing and non-interactive data publishing.
Source Distinguishability under Distortion-Limited Attack: an Optimal Transport
Perspective

Abstract - We analyze the distinguishability of two sources in a Neyman-Pearson set-up when
an attacker is allowed to modify the output of one of the two sources subject to an additive
distortion constraint. By casting the problem in a game-theoretic framework and by exploiting
the parallelism between the attacker’s goal and Optimal Transport Theory, we introduce the
concept of Security Margin defined as the maximum average per-sample distortion introduced by
the attacker for which the two sources can be distinguished ensuring arbitrarily small, yet
positive, error exponents for type I and type II error probabilities. Several versions of the
problem are considered according to the available knowledge about the sources. We compute the
security margin for some classes of sources and derive general bounds assuming that the
distortion is measured in terms of the mean square error between the original and the attacked
sequence. The analysis of the game and the study of the distinguishability of the sources is
extended to the case in which the distortion constraint is defined in terms of the maximum
distance.
PHY-Layer Authentication Using Duobinary Signaling for Spectrum Enforcement
Abstract - Spectrum security and enforcement is one of the major challenges that need to be
addressed before spectrum sharing technologies can be adopted widely. The problem of rogue
transmitters is a major threat to the viability of spectrum sharing. One approach for deterring
rogue transmissions is to enable receivers to authenticate or uniquely identify transmitters.
Although cryptographic mechanisms at the higher layers have been widely used to authenticate
transmitters, the ability to authenticate transmitters at the physical (PHY) layer has a number of
key advantages over higher layer approaches. In existing schemes, the authentication signal is
added to the message signal in such a way that the authentication signal appears as noise to the
message signal and vice versa. Hence, existing schemes are constrained by a fundamental
tradeoff between the message signal's signal-to-noise ratio (SNR) and the authentication signal's
SNR. In this paper, we extend the precoded duobinary signaling (P-DS) technique to devise a
new PHY-layer authentication scheme called P-DS for authentication (P-DSA). P-DSA exploits
the redundancy introduced by P-DS to embed the authentication signal into the message signal.
P-DSA is not constrained by the aforementioned tradeoff between the message and

authentication signals. Our results show that P-DSA improves the detection performance
compared with the prior art without sacrificing message throughput or increasing transmission
power.
Discriminant Correlation Analysis: Real-Time Feature Level Fusion for Multimodal
Biometric Recognition
Abstract - Information fusion is a key step in multimodal biometric systems. Fusion of
information can occur at different levels of a recognition system, i.e., at the feature level,
matching-score level, or decision level. However, feature level fusion is believed to be more
effective owing to the fact that a feature set contains richer information about the input biometric
data than the matching score or the output decision of a classifier. The goal of feature fusion for
recognition is to combine relevant information from two or more feature vectors into a single one
with more discriminative power than any of the input feature vectors. In pattern recognition
problems, we are also interested in separating the classes. In this paper, we present Discriminant
Correlation Analysis (DCA), a feature level fusion technique that incorporates the class
associations into the correlation analysis of the feature sets. DCA performs an effective feature
fusion by maximizing the pairwise correlations across the two feature sets, and at the same time,
eliminating the between-class correlations and restricting the correlations to be within the
classes. Our proposed method can be used in pattern recognition applications for fusing features
extracted from multiple modalities or combining different feature vectors extracted from a single
modality. It is noteworthy that DCA is the first technique that considers class structure in feature
fusion. Moreover, it has a very low computational complexity and it can be employed in real-
time applications. Multiple sets of experiments performed on various biometric databases, and
using different feature extraction techniques, show the effectiveness of our proposed method,
which outperforms other state-of-the-art approaches.
On the Individual Secrecy Capacity Regions of the General, Degraded and Gaussian Multi-
Receiver Wiretap Broadcast Channel

Abstract - In this paper, secure communication over a broadcast channel with multiple
legitimate receivers and an external eavesdropper is investigated. Two different secrecy
measures are considered: The first criterion is a conservative one known as joint secrecy, where
the mutual leakage of all confidential messages must be small. The second criterion is a less
conservative constraint known as individual secrecy, where the individual leakage of each
confidential message must be small. At first, we consider the degraded multi-receiver wiretap
broadcast channel and manage to establish the individual secrecy capacity region. Our encoding
scheme applies a careful combination of the standard techniques of wiretap random coding and
Shannon’s one time pad encoding, where the confidential messages of the weak receivers are
used as secret keys for the stronger ones. The validity of this technique is due to the properties of
the degraded broadcast channel and the secrecy requirements of the individual secrecy criterion.
Our result indicates that, the individual secrecy capacity region is in fact larger than the joint one
established in earlier literature. The established capacity region is then used to derive the
individual secrecy capacity regions of the Gaussian SISO and degraded Gaussian MIMO multi-
receiver wiretap broadcast channels. Furthermore, we present an achievable rate region for the
general two-receiver wiretap broadcast channel under both the joint and the individual secrecy
criterion. Comparing these two rate regions suggests that even for the general case, the individual
secrecy criterion might be able to provide a larger rate region compared to the joint one.
Network Diversity: A Security Metric for Evaluating the Resilience of Networks Against
Zero-Day Attacks
Abstract - Diversity has long been regarded as a security mechanism for improving the
resilience of software and networks against various attacks. More recently, diversity has found
new applications in cloud computing security, moving target defense, and improving the
robustness of network routing. However, most existing efforts rely on intuitive and imprecise
notions of diversity, and the few existing models of diversity are mostly designed for a single
system running diverse software replicas or variants. At a higher abstraction level, as a global
property of the entire network, diversity and its effect on security have received limited attention.
In this paper, we take the first step toward formally modeling network diversity as a security

metric by designing and evaluating a series of diversity metrics. In particular, we first devise a
biodiversity-inspired metric based on the effective number of distinct resources. We then
propose two complementary diversity metrics, based on the least and the average attacking
efforts, respectively. We provide guidelines for instantiating the proposed metrics and present a
case study on estimating software diversity. Finally, we evaluate the proposed metrics through
simulation.
Perceptual Visual Security Index Based on Edge and Texture Similarities
Abstract - With the development in recent decades of various efficient image encryption
algorithms, such as selective encryption, a great demand has arisen for methods of evaluating the
visual security of encrypted images. Existing solutions usually adopt well-known metrics of
visual quality assessment to measure the quality of encrypted images, but they often exhibit
undesired behavior on perceptually encrypted images of low quality. In this paper, we propose a
novel visual security index (VSI) based on the human visual system. The proposed VSI evaluates
two aspects of the content similarity between plain and encrypted images: the edge similarity
extracted via multi-threshold edge detection and the texture similarity measured by means of the
co-occurrence matrix. These two components are further integrated to obtain the proposed VSI
through adaptive similarity weighting. Extensive experiments were performed on two publicly
available image databases. Our experimental results demonstrate that compared with many
existing state-of-the-art visual security metrics, the proposed VSI exhibits a better performance
and stability on low-quality images.
Comparative studies of passive imaging in terahertz and mid-wavelength infrared ranges
for object detection
Abstract - We compared the possibility of detecting hidden objects covered with various types
of clothing by using passive imagers operating in a terahertz (THz) range at 1.2 mm (250 GHz)
and a mid-wavelength infrared (MWIR) at 3–6 μm (50–100 THz). We investigated theoretical
limitations, performance of imagers, and physical properties of fabrics in both regions. In order

to investigate the time stability of detection, we performed measurements in sessions each lasting
30 minutes. We present a theoretical comparison of two spectra, as well as the results of
experiments. In order to compare capabilities of passive imaging of hidden objects, we combined
properties of textiles, performance of imagers, and properties of radiation in both spectral ranges.
The paper presents the comparison of the original results of measurement sessions for the two
spectrums with analysis.
A Customized Sparse Representation Model With Mixed Norm for Undersampled Face
Recognition
Abstract - In this paper, a customized sparse representation model is proposed to takes
advantage of the variational information for undersampled face recognition. The proposed model
with the mixed norm is a generalization of the extended sparse representation-based
classification model. This model guarantees the sparsity of representation coefficient and the
robustness for the variational information from generic dataset. The mixed norm well fits the
distribution of variational information (such as illumination, expression, poses, occlusion) and
the interference information (somewhat face-specific in generic dataset) simultaneously. We
compare the proposed method with the related methods on several popular face databases,
including AR, CMUPIE, Georgia and LFW databases. The experimental results show that the
proposed method outperforms several popular face recognition methods.
Formal Verification of the xDAuth Protocol
Abstract - Service Oriented Architecture (SOA) offers a flexible paradigm for information flow
among collaborating organizations. As information moves out of an organization boundary,
various security concerns may arise, such as confidentiality, integrity, and authenticity that needs
to be addressed. Moreover, verifying the correctness of the communication protocol is also an
important factor. This paper focuses on the formal verification of the xDAuth protocol, which is
one of the prominent protocols for identity management in cross domain scenarios. We have
modeled the information flow of xDAuth protocol using High Level Petri Nets (HLPN) to
understand protocol information flow in a distributed environment. We analyze the rules of

information flow using Z language while Z3 SMT solver is used for verification of the model.
Our formal analysis and verification results reveal the fact that the protocol fulfills its intended
purpose and provides the security for the defined protocol specific properties, e.g. secure secret
key authentication, Chinese wall security policy and secrecy specific properties, e.g.
confidentiality, integrity, authenticity.
On the Fingerprinting of Software-defined Networks
Abstract - Software-defined networking (SDN) eases network management by centralizing the
control plane and separating it from the data plane. The separation of planes in SDN, however,
introduces new vulnerabilities in SDN networks since the difference in processing packets at
each plane allows an adversary to fingerprint the network’s packet-forwarding logic. In this
paper, we study the feasibility of fingerprinting the controller-switch interactions by a remote
adversary, whose aim is to acquire knowledge about specific flow rules that are installed at the
switches. This knowledge empowers the adversary with a better understanding of the network’s
packet-forwarding logic and exposes the network to a number of threats. In our study, we collect
measurements from hosts located across the globe using a realistic SDN network comprising of
OpenFlow hardware and software switches. We show that, by leveraging information from the
RTT and packet-pair dispersion of the exchanged packets, fingerprinting attacks on SDN
networks succeed with overwhelming probability. We additionally show that these attacks are
not restricted to active adversaries, but can also be mounted by passive adversaries that only
monitor traffic exchanged with the SDN network. Finally, we discuss the implications of these
attacks on the security of SDN networks, and we present and evaluate an efficient
countermeasure to strengthen SDN networks against fingerprinting. Our results demonstrate the
effectiveness of our countermeasure in deterring fingerprinting attacks on SDN networks.
Privacy-Preserving Data Aggregation in Mobile Phone Sensing
Abstract - Mobile phone sensing provides a promising paradigm for collecting sensing data and
has been receiving increasing attention in recent years. Different from most existing works,
which protect participants' privacy by hiding the content of their data and allow the aggregator to

compute some simple aggregation functions, we propose a new approach to protect participants'
privacy by delinking data from its sources. This approach allows the aggregator to get the exact
distribution of the data aggregation and, therefore, enables the aggregator to efficiently compute
arbitrary/complicated aggregation functions. In particular, we first present an efficient protocol
that allows an untrusted data aggregator to periodically collect sensed data from a group of
mobile phone users without knowing which data belong to which user. Assume there are n users
in the group. Our protocol achieves n-source anonymity in the sense that the aggregator only
learns that the source of a piece of data is one of the n users. Then, we consider a practical
scenario where users may have different source anonymity requirements and provide a solution
based on dividing users into groups. This solution optimizes the efficiency of data aggregation
and meets all users' requirements at the same time.
Jammer-Assisted Resource Allocation in Secure OFDMA With Untrusted Users
Abstract - In this paper, we consider the problem of resource allocation in the orthogonal
frequency division multiple access system with single source and M untrusted users in presence
of a friendly jammer. The jammer is used to improve either the weighted sum secure rate or the
overall system fairness. The formulated optimization problem in both the cases is a mixed
integer non-linear programming problem, belonging to the class of NP-hard. In the sum secure
rate maximization scenario, we decouple the problem and first obtain the subcarrier allocation at
source and the decision for jammer power utilization on a per-subcarrier basis. Then, we do joint
source and jammer power allocation using primal decomposition and alternating optimization
framework. Next, we consider fair resource allocation by introducing a novel concept of
subcarrier snatching with the help of jammer. We propose two schemes for jammer power
utilization, called proactively fair allocation (PFA) and on-demand allocation (ODA). PFA
considers equitable distribution of jammer power among the subcarriers, while ODA distributes
jammer power based on the user demand. In both cases of jammer usage, we also present
suboptimal solutions that solve the power allocation at a highly reduced complexity.
Asymptotically optimal solutions are derived to benchmark optimality of the proposed schemes.
We compare the performance of our proposed schemes with equal power allocation at source and

jammer. Our simulation results demonstrate that the jammer can indeed help in improving either
the sum secure rate or the overall system fairness.
Temporal and Spatial Locality: an Abstraction for Masquerade Detection
Abstract - Most research in masquerade detection focus mainly on the user action, ignoring the
object upon which that action is performed. This may yield limited models since; for example,
command execution (an action) usually ends up in the transformation of a file (the object). The
overall goal of our research is to prove that the object is paramount to distinguishing a user from
a masquerade. With this in mind, we have developed a new approach to masquerade detection,
called file system navigation, and tested our ideas using the Windows-Users and -Intruder
simulations Logs Dataset (WUIL), which unlike other datasets of its kind includes close-to-real
simulated attacks. We have shown that our approach makes it possible to capture computer
behavior in an abstract way difficult to realize in a purely action-based approach. In this paper
we introduce an abstraction called locality, the tendency of programs to cluster references to
memory. While temporal locality is applicable to both actions and objects, spatial locality is
more suitable to objects, as it depends on a notion of position.We have successfully validated our
working hypothesis: locality-based features better capture user behavior for masquerade
detection. Particularly, results based on our approach report an Area Under the Curve of the
ROC curve (AUC) value of 0.97 in average with 30% of users having an AUC equal to or above
0.99.
Cherry-Picking Reliable PUF Bits with Differential Sequence Coding
Abstract - Silicon Physical Unclonable Functions (PUFs) produce a sequence of response bits
from chip-unique manufacturing variations. Since the response bits are physically derived, there
is noise present. To generate bit-exact cryptographic keys, error correction algorithms are used.
The error correction is typically split into small processing blocks to reduce implementation
complexity. The reliability of PUF responses varies from bit to bit but there has been very little
work so far that mathematically analyzes the effect of the block size on the reliability of PUF
response sequences. We use the information theoretical concept of typicality to show that the

probability of drawing an unreliable sequence decreases exponentially with the block size. We
present Differential Sequence Coding (DSC) that scales efficiently across larger block sizes
without having the super-linear increase in decoding complexity of prior approaches. It scans the
entire PUF response sequentially and then only operates on one single, maximally reliable, block
to generate the cryptographic key. Our sample FPGA implementation with a convolutional code
is designed for a popular SRAM PUF scenario. It generates a 128 bit key for an average input bit
error probability of 15% with an output bit error probability of 6:1410�9 and only uses 974 PUF
bits and 1; 108 helper data bits. There are 36% less PUF bits and 71% less helper data bits than
the best previous individual results in both criteria without increasing the implementation size of
the key generation module noticeably.
Creating Secrets Out of Packet Erasures
Abstract - We present protocols for creating pairwise secrets between nodes in a wireless
network, so that these secrets are secure from an eavesdropper, Eve, with unbounded
computational and memory capabilities, but with limited network presence. We first present a
basic secret-agreement protocol for single-hop networks, where secrets are constructed using
traffic exchanged between the nodes, and we show that under standard theoretical assumptions,
our protocol is information-theoretically secure. Second, we propose a secret-agreement protocol
for arbitrary, multi-hop networks that build on the basic protocol but also comprises design
features for leveraging additional sources, that multi-hop offers, for secrecy. Finally, we evaluate
our protocols, and we provide experimental evidence that it is feasible to create thousands of
secret bits per second, in realistic wireless setups, the security of which is independent of Eve's
computational capabilities.
IEEE Transactions on Information Forensics and Security (June 2016)
DW-AES: A Domain-wall Nanowire Based AES for High Throughput and Energy-efficient
Data Encryption in Non-volatile Memory
Abstract - Big-data storage poses significant challenges to anonymization of sensitive
information against data sniffing. Not only will the encryption bandwidth be limited by the I/O

traffic, the transfer of data between processor and memory will also expose the input-output
mapping of intermediate computations on I/O channels that are susceptible to semi-invasive and
noninvasive attacks. Limited by the simplistic cell-level logic, existing logic-in-memory
computing architectures are incapable of performing the complete encryption process within the
memory at reasonable throughput and energy efficiency. In this paper, a block-level in-memory
architecture for Advanced Encryption Standard (AES) is proposed. The proposed technique,
called DW-AES, maps all AES operations directly to the domainwall nanowires. The entire
encryption process can be completed within a homogeneous, high-density and standby-power-
free non-volatile spintronic based memory array without exposing the intermediate results to
external I/O interface. Domain-wall nanowires based pipelining and multi-issue pipelining
methods are also proposed to increase the throughput of the baseline DWAES with insignificant
area overhead and negligible difference on leakage power and energy consumption. The
experimental results show that DW-AES can reduce the leakage power and area by orders of
magnitude compared to existing CMOS ASIC accelerators. It has an energy efficiency of 22
pJ/bit, which is 5x and 3x better than the CMOS ASIC and memristive CMOL based
implementations, respectively. Under the same area budget, the proposed DW-AES achieves 4.6
higher throughput than the latest CMOS ASIC AES with similar power consumption. The
throughput improvement increases to 11x for pipelined DW-AES at the expense of doubling the
power consumption.
A Game-Theoretic Framework for Optimum Decision Fusion in the Presence of Byzantines
Abstract - Optimum decision fusion in the presence of malicious nodes - often referred to as
Byzantines - is hindered by the necessity of exactly knowing the statistical behavior of
Byzantines. In this paper, we focus on a simple, yet widely adopted, setup in which a fusion
center (FC) is asked to make a binary decision about a sequence of system states by relying on
the possibly corrupted decisions provided by local nodes. We propose a game-theoretic
framework, which permits to exploit the superior performance provided by optimum decision
fusion, while limiting the amount of a priori knowledge required. We use numerical simulations
to derive the optimum behavior of the FC and the Byzantines in a game-theoretic sense, and to

evaluate the achievable performance at the equilibrium point of the game. We analyze several
different setups, showing that in all cases, the proposed solution permits to improve the accuracy
of data fusion. We also show that, in some cases, it is preferable for the Byzantines to minimize
the mutual information between the status of the observed system and the reports submitted to
the FC, rather than always flipping the decision made by the local nodes.
Physical Layer Security in Three-Tier Wireless Sensor Networks: A Stochastic Geometry
Approach
Abstract - This paper develops a tractable framework for exploiting the potential benefits of
physical layer security in three-tier wireless sensor networks (WSNs) using stochastic geometry.
In such networks, the sensing data from the remote sensors are collected by sinks with the help
of access points, and the external eavesdroppers intercept the data transmissions. We focus on
the secure transmission in two scenarios: 1) the active sensors transmit their sensing data to the
access points and 2) the active access points forward the data to the sinks. We derive new
compact expressions for the average secrecy rate in these two scenarios. We also derive a new
compact expression for the overall average secrecy rate. Numerical results corroborate our
analysis and show that multiple antennas at the access points can enhance the security of three-
tier WSNs. Our results show that increasing the number of access points decreases the average
secrecy rate between the access point and its associated sink. However, we find that increasing
the number of access points first increases the overall average secrecy rate, with a critical value
beyond which the overall average secrecy rate then decreases. When increasing the number of
active sensors, both the average secrecy rate between the sensor and its associated access point,
and the overall average secrecy rate decrease. In contrast, increasing the number of sinks
improves both the average secrecy rate between the access point and its associated sink, and the
overall average secrecy rate.
An Efficient File Hierarchy Attribute-Based Encryption Scheme in Cloud Computing
Abstract - Ciphertext-policy attribute-based encryption (CP-ABE) has been a preferred
encryption technology to solve the challenging problem of secure data sharing in cloud

computing. The shared data files generally have the characteristic of multilevel hierarchy,
particularly in the area of healthcare and the military. However, the hierarchy structure of shared
files has not been explored in CP-ABE. In this paper, an efficient file hierarchy attribute-based
encryption scheme is proposed in cloud computing. The layered access structures are integrated
into a single access structure, and then, the hierarchical files are encrypted with the integrated
access structure. The ciphertext components related to attributes could be shared by the files.
Therefore, both ciphertext storage and time cost of encryption are saved. Moreover, the proposed
scheme is proved to be secure under the standard assumption. Experimental simulation shows
that the proposed scheme is highly efficient in terms of encryption and decryption. With the
number of the files increasing, the advantages of our scheme become more and more
conspicuous.
A Unified Resource Allocation Framework for Defending against Pollution Attacks in
Wireless Network Coding Systems
Abstract - Pollution attacks can cause severe damages in network coding systems. Many
approaches have been proposed to defend against pollution attacks. However, the current
approaches implicitly assume that the defender has adequate resources to defend against
pollution attacks. When the resources of the defender are limited, they provide no information
for the defender to allocate the resources to get better defense performance. In this paper, we
consider the case that the defender’s resources are limited and study how the defender allocates
resources to defend against pollution attacks. We first study this problem in one-session
transmissions, and we propose a two-player strategic game to model the interactions between the
defender and the attacker. Under this model, two algorithms are proposed to find the best
response strategy for the defender. Then, we study the resource allocation problem in a multi-
session setting.We propose an extensive game model and an enhancement algorithm to solve the
resource allocation problem under this circumstance. Finally, we conducted extensive
simulations to evaluate the proposed algorithms. The results demonstrate that our algorithms can
significantly improve the utility of the defender, with reasonable computation time.

Imperfect and Perfect Secrecy in Compound Multiple Access Channel With Confidential
Message
Abstract - In this paper, we study the problem of secret communication over a compound
Multiple Access Channel (MAC). In this channel, we assume that one of the transmitted
messages is confidential, which is only decoded by its corresponding receiver and kept secret
from the other receiver. We call this proposed setting the compound MAC with a confidential
message. For this model, we derive general inner and outer bounds for both imperfect and
perfect secrecy conditions for the second receiver. Also, as examples, we investigate less noisy
and Gaussian versions of this channel, and extend the results of the discrete memoryless version
to these cases. Moreover, providing numerical examples for the Gaussian case, we illustrate the
comparison between achievable rate regions of compound MAC and compound MAC with a
confidential message. In addition, for the Gaussian case, we show that using cooperative
jamming strategy can increase the achievable secrecy rate between the legitimate transmitter and
the receiver.
Privacy-Preserving and Regular Language Search over Encrypted Cloud Data
Abstract - Using cloud-based storage service, users can remotely store their data to clouds but
also enjoy the high quality data retrieval services, without the tedious and cumbersome local data
storage and maintenance. However, the sole storage service cannot satisfy all desirable
requirements of users. Over the last decade, privacy-preserving search over encrypted cloud data
has been a meaningful and practical research topic for outsourced data security. The fact of
remote cloud storage service that users cannot have full physical possession of their data makes
the privacy data search a formidable mission. A naive solution is to delegate a trusted party to
access the stored data and fulfill a search task. This, nevertheless, does not scale well in practice
as the fully data access may easily yield harm for user privacy. To securely introduce an
effective solution, we should guarantee the privacy of search contents, i.e. what a user wants to
search, and return results, i.e. what a server returns to the user. Furthermore, we also need to
guarantee privacy for the outsourced data, and bring no additional local search burden to user. In
this paper, we design a novel privacy-preserving functional encryption based search mechanism

over encrypted cloud data. A major advantage of our new primitive compared to the existing
public key based search systems is that it supports an extreme expressive search mode, regular
language search. Our security and performance analysis show that the proposed system is
provably secure and more efficient than some searchable systems with high expressiveness.
Secure Face Unlock: Spoof Detection on Smartphones
Abstract - With the wide deployment of face recognition systems in applications from de-
duplication to mobile device unlocking, security against face spoofing attacks requires increased
attention; such attacks can be easily launched via printed photos, video replays and 3D masks of
a face. We address the problem of face spoof detection against print (photo) and replay (photo or
video) attacks based on the analysis of image distortion (e.g., surface reflection, moir´e pattern,
color distortion, and shape deformation) in spoof face images (or video frames). The application
domain of interest is smartphone unlock, given that growing number of smartphones have face
unlock and mobile payment capabilities. We build an unconstrained smartphone spoof attack
database (MSU USSA) containing more than 1; 000 subjects. Both print and replay attacks are
captured using the front and rear cameras of a Nexus 5 smartphone. We analyze the image
distortion of print and replay attacks using different (i) intensity channels (R, G, B and
grayscale), (ii) image regions (entire image, detected face, and facial component between the
nose and chin), and (iii) feature descriptors. We develop an efficient face spoof detection system
on an Android smartphone. Experimental results on the public-domain Idiap Replay-Attack,
CASIA FASD, and MSU-MFSD databases, and the MSU USSA database show that the
proposed approach is effective in face spoof detection for both cross-database and intra-database
testing scenarios. User studies of our Android face spoof detection system involving 20
participants show that the proposed approach works very well in real application scenarios.
A Dummy-Based Approach for Preserving Source Rate Privacy
Abstract - Recent studies reveal that an adversary might trace the apparently insignificant traffic
rate of source nodes over the net and turn such data to invaluable information so as to breach the

privacy of the victim sources. Inhibiting the adversary of being able to extract information from
the traffic rate of source nodes is a complicated task unless taking into consideration the flow
conservation law effect of the transmitter queue. A reliable method of preserving the rate privacy
that copes with the flow conservation law is to transmit original packets augmented with
probabilistically dummy ones so as to change the observable aggregated traffic rate. Augmenting
dummy packets, however, bears redundancy, and hence, requires extra resources in terms of
bandwidth and buffer requirements, and more importantly suggests higher transmitting energy
consumption. Grounded on the queueing and information theories, in this paper, we present an
efficient method that minimally augments dummy packets to preserve the source rate privacy at a
given degree while preserving the delay distribution of the original packets intact, and thus does
not affect the quality of service parameters of the transmitted data in terms of delay and jitter.
The presented method models the original packets and dummy ones with a preemptive resume 2-
priority queueing system and then using information theory attempts to maximize the Fano lower
bound of the best estimation of the adversary's speculation. All of the theoretically obtained
results have been validated by conducting simulation experiments.
Rethinking Permission Enforcement Mechanism on Mobile Systems
Abstract - To protect sensitive resources from unauthorized use, modern mobile systems, such
as Android and iOS, design a permission-based access control model. However, current model
could not enforce fine-grained control over the dynamic permission use contexts, causing two
severe security problems. First, any code package in an application could use the granted
permissions, inducing attackers to embed malicious payloads into benign apps. Second, the
permissions granted to a benign application may be utilized by an attacker through vulnerable
application interactions. Although ad hoc solutions have been proposed, none could
systematically solve these two issues within a unified framework. This paper presents the first
such framework to provide context-sensitive permission enforcement that regulates permission
use policies according to system-wide application contexts, which cover both intra-application
context and inter-application context. We build a prototype system on Android, named
FineDroid, to track such context during the application execution. To flexibly regulate context-

sensitive permission rules, FineDroid features a policy framework that could express generic
application contexts. We demonstrate the benefits of FineDroid by instantiating several security
extensions based on the policy framework, for three potential users: end-users, administrators
and developers. Furthermore, FineDroid is showed to introduce a minor overhead.
Design, Evaluation, and Optimization of Physical Unclonable Functions Based on
Transient Effect Ring Oscillators
Abstract - This paper proposes a theoretical study and a full overview of the design, evaluation,
and optimization of a PUF based on transient element ring oscillators (TERO-PUF). We show
how, by following some simple design rules and strategies, designers can build and optimize a
TERO-PUF with the state-of-the-art PUF characteristics in a standard CMOS technology. To this
end, we analyzed the uniqueness, steadiness, and randomness of responses generated from 30
test chips in a CMOS 350-nm process in nominal and corner voltage and temperature conditions.
Response generation schemes are proposed and discussed to optimize the PUF performances and
reduce its area without noticeable loss in its output quality. In particular, we show that the large
area of the basic blocks in the TERO-PUF is balanced by the high level of entropy extracted in
each basic block. Guidelines are provided to balance reliability and randomness of the responses
and the design area.
A Data Exfiltration and Remote Exploitation Attack on Consumer 3D Printers
Abstract - With the increased popularity of 3D printers in homes, and industry sectors such as
biomedical and manufacturing, the potential for cybersecurity risks must be carefully considered.
Risks may arise from factors such as printer manufacturers not having requisite levels of security
awareness, and not fully understanding the need for security measures to protect intellectual
property, and other sensitive data that is stored, accessed and transmitted from such devices. This
paper examines the security features of two different models of MakerBot Industries’ consumer-
oriented 3D printers and proposes an attack technique that is able to, not only, exfiltrate sensitive
data, but also allow for remote manipulation of these devices. The attack steps are discretely
modeled using a threat model to enable formal representation of the attack. Specifically, we

found that the printers stored the previously printed and currently printing objects on an
unauthenticated web server. We also ascertain that the transport layer security implementation on
these devices was flawed, which severely affected the security of these devices and allowed for
remote exploitation. Countermeasures to the attack that are implementable by both the
manufacturer and the user of the printer are presented.
Identity-Based Proxy-Oriented Data Uploading and Remote Data Integrity Checking in
Public Cloud
Abstract - More and more clients would like to store their data to public cloud servers (PCSs)
along with the rapid development of cloud computing. New security problems have to be solved
in order to help more clients process their data in public cloud. When the client is restricted to
access PCS, he will delegate its proxy to process his data and upload them. On the other hand,
remote data integrity checking is also an important security problem in public cloud storage. It
makes the clients check whether their outsourced data are kept intact without downloading the
whole data. From the security problems, we propose a novel proxy-oriented data uploading and
remote data integrity checking model in identity-based public key cryptography: identity-based
proxy-oriented data uploading and remote data integrity checking in public cloud (ID-PUIC). We
give the formal definition, system model, and security model. Then, a concrete ID-PUIC
protocol is designed using the bilinear pairings. The proposed ID-PUIC protocol is provably
secure based on the hardness of computational Diffie-Hellman problem. Our ID-PUIC protocol
is also efficient and flexible. Based on the original client's authorization, the proposed ID-PUIC
protocol can realize private remote data integrity checking, delegated remote data integrity
checking, and public remote data integrity checking.
Virus Propagation Modeling and Convergence Analysis in Large Scale Networks
Abstract - Biological epidemic models, widely used to model computer virus propagations,
suffer from either limited scalability to large networks, or accuracy loss resulting from
simplifying approximations. In this paper, a discrete-time absorbing Markov process is

constructed to precisely characterize virus propagations. Conducting eigenvalue analysis and
Jordan decomposition to the process, we prove that the virus extinction rate, i.e., the rate at
which the Markov process converges to a virusfree absorbing state, is bounded. The bounds,
depending on the infection and curing probabilities, and the minimum degree of the network
topology, have closed forms. We also reveal that the minimum curing probability for a given
extinction rate requirement, specified through the upper bound, is independent of the explicit size
of the network. As a result, we can interpret the extinction rate requirement of a large network
with that of a much smaller one, evaluate its minimum curing requirement, and achieve
simplifications with negligible loss of accuracy. Simulation results corroborate the effectiveness
of the interpretation, as well as its analytical accuracy in large networks.
Private Cell Retrieval From Data Warehouses
Abstract - Publicly accessible data warehouses are an indispensable resource for data analysis.
However, they also pose a significant risk to the privacy of the clients, since a data warehouse
operator may follow the client's queries and infer what the client is interested in. Private
information retrieval (PIR) techniques allow the client to retrieve a cell from a data warehouse
without revealing to the operator which cell is retrieved and, therefore, protects the privacy of the
client's queries. However, PIR cannot be used to hide online analytical processing (OLAP)
operations performed by the client, which may disclose the client's interest. This paper presents a
solution for private cell retrieval from a data warehouse on the basis of the Paillier cryptosystem.
By our solution, the client can privately perform OLAP operations on the data warehouse and
retrieve one (or more) cell without revealing any information about which cell is selected. In
addition, we propose a solution for private block download on the basis of the Paillier
cryptosystem. Our private block download allows the client to download an encrypted block
from a data warehouse without revealing which block in a cloaking region is downloaded and
improves the feasibility of our private cell retrieval. Our solutions ensure both the server's
privacy and the client's privacy. Our experiments have shown that our solutions are practical.

Against Double Fault Attacks: Injection Effort Model, Space and Time Randomization
Based Countermeasures for Reconfigurable Array Architecture
Abstract - With the increasing accuracy of fault injections, it has become possible to inject two
faults into specific circuit regions precisely at a certain time. Unfortunately, most existing fault
attack countermeasures are based on the single fault assumption, and it is, therefore, very
difficult to resist double fault attacks. Reconfigurable array architecture (RAA) has the ability to
introduce spatial and time randomness by dynamic reconfiguration, which can alleviate the threat
of double fault attacks. This paper, for the first time, analyzes the double fault attack issues in the
fault injection phase systematically. An evaluation model, named injection effort model (IEM),
is proposed to quantify the efforts of a successful fault injection. In IEM, the real injection
process is described mathematically using the probability method, so that a theoretical basis can
be provided for the corresponding countermeasure design. Based on the concept of spatial and
time randomization, three countermeasures are implemented on RAA for the purpose of
decreasing the implementation overhead under the premise of ensuring the security. When these
countermeasures are adopted, tradeoffs can be made between the double fault resistance and the
extra overhead through changing the degree of randomness. Experiments are carried out to
analyze the relationship between the resistance and the overhead using Advanced Encryption
Standard (AES), Data Encryption Standard (DES), and Camellia. When the overhead constraints
in terms of throughput, hardware resources, and energy are 5%, 35%, and 10% respectively, the
double fault resistance can increase by two to four orders of magnitude (ranging from 824 to 10
149 for different algorithms).
Simultaneously Generating Secret and Private Keys in a Cooperative Pairwise-
Independent Network
Abstract - This paper studies the problem of simultaneously generating a secret key (SK) and a
private key (PK) between Alice and Bob, in a cooperative pairwise-independent network (PIN)
with two relays. In the PIN, the pairwise source observed by every pair of terminals is
independent of those sources observed by any other pairs. The SK needs to be protected from

Eve, while the PK needs to be protected not only from Eve but also from the two relays. Two
cooperative SK-PK generation algorithms are proposed: both of them first generate common
randomness, based on the well-established pairwise key generation technique and the application
of the one-time pad; but then, the two algorithms utilize the XOR operation and a specific
random-binning-based SK-PK codebook to generate the expected keys, respectively. The
achievable SK-PK rate regions of both the two proposed algorithms are analyzed. Of particular
interest is the second algorithm with random-bing based codebook, whose achievable key rate
region is demonstrated to be exactly the same as the derived outer bound, a crucial step for
establishing the key capacity of this PIN model. Finally, the two proposed SK-PK generation
algorithms are extended to a cooperative wireless network, where the correlated source
observations are obtained from estimating wireless channels during a training phase.
ICCDetector: ICC-Based Malware Detection on Android
Abstract - Most existing mobile malware detection methods (e.g., Kirin and DroidMat) are
designed based on the resources required by malwares (e.g., permissions, application
programming interface (API) calls, and system calls). These methods capture the interactions
between mobile apps and Android system, but ignore the communications among components
within or cross application boundaries. As a consequence, the majority of the existing methods
are less effective in identifying many typical malwares, which require a few or no suspicious
resources, but leverage on inter-component communication (ICC) mechanism when launching
stealthy attacks. To address this challenge, we propose a new malware detection method, named
ICCDetector. ICCDetector outputs a detection model after training with a set of benign apps and
a set of malwares, and employs the trained model for malware detection. The performance of
ICCDetector is evaluated with 5264 malwares, and 12026 benign apps. Compared with our
benchmark, which is a permission-based method proposed by Peng et al. in 2012 with an
accuracy up to 88.2%, ICCDetector achieves an accuracy of 97.4%, roughly 10% higher than the
benchmark, with a lower false positive rate of 0.67%, which is only about a half of the
benchmark. After manually analyzing false positives, we discover 43 new malwares from the
benign data set, and reduce the number of false positives to seven. More importantly,

ICCDetector discovers 1708 more advanced malwares than the benchmark, while it misses 220
obvious malwares, which can be easily detected by the benchmark. For the detected malwares,
ICCDetector further classifies them into five newly defined malware categories, which help
understand the relationship between malicious behaviors and ICC characteristics. We also
provide a systemic analysis of ICC patterns of benign apps and malwares.
Design and Fabrication of 3D Fingerprint Targets
Abstract - Standard targets are typically used for structural (white-box) evaluation of fingerprint
readers, e.g., for calibrating imaging components of a reader. However, there is no standard
method for behavioral (black-box) evaluation of fingerprint readers in operational settings where
variations in finger placement by the user are encountered. The goal of this research is to design
and fabricate 3D targets for repeatable behavioral evaluation of fingerprint readers. 2D
calibration patterns with known characteristics (e.g. sinusoidal gratings of pre-specified
orientation and frequency, fingerprints with known singular points and minutiae) are projected
onto a generic 3D finger surface to create electronic 3D targets. A state-of-the-art 3D printer
(Stratasys Objet350 Connex) is used to fabricate wearable 3D targets with materials similar in
hardness and elasticity to the human finger skin. The 3D printed targets are cleaned using 2M
NaOH solution to obtain evaluation-ready 3D targets. Our experimental results show that (i)
features present in the 2D calibration pattern are preserved during the creation of the electronic
3D target, (ii) features engraved on the electronic 3D target are preserved during the physical 3D
target fabrication, and (iii) intra-class variability between multiple impressions of the physical
3D target is small. We also demonstrate that the generated 3D targets are suitable for behavioral
evaluation of three different (500/1000 ppi) PIV/Appendix F certified optical fingerprint readers
in the operational settings.
One-Class Writer-Independent Offline Signature Verification Using Feature Dissimilarity
Thresholding
Abstract - Usual handwritten signature verification systems address the writer-independent (WI)
approach using only bi-class robust classifiers to deal with the most challenging tasks. Indeed,

WI concept, the reduced size of references and one-class signature verification are still open
issues in practical cases. In this paper, we propose a one-class WI system using feature
dissimilarity measures thresholding for classification and a reduced number of references. The
proposed system involves the use of contourlet transform-based directional code co-occurrence
matrix feature generation method. The verification is achieved through a WI threshold which is
automatically selected using a new signature stability criterion. The proposed WI concept is
besides addressed through the mixture of different writers' data sets in both the design and
verification stages. Experimental results show the effectiveness of the proposed system in spite
of the strict verification protocol using the one-class concept, a unique threshold for accepting or
rejecting a questioned signature, the reduced number of writers, and the limited number of
reference signatures.
Artificial-Noise-Aided Message Authentication Codes With Information-Theoretic Security
Abstract - In the past, two main approaches for the purpose of authentication, including
information-theoretic authentication codes and complexity-theoretic message authentication
codes (MACs), were almost independently developed. In this paper, we consider to construct
new MACs, which are both computationally secure and information-theoretically secure.
Essentially, we propose a new cryptographic primitive, namely, artificial-noise-aided MACs
(ANA-MACs), where artificial noise is used to interfere with the complexity-theoretic MACs
and quantization is further employed to facilitate packet-based transmission. With a channel
coding formulation of key recovery in the MACs, the generation of standard authentication tags
can be seen as an encoding process for the ensemble of codes, where the shared key between
Alice and Bob is considered as the input and the message is used to specify a code from the
ensemble of codes. Then, we show that artificial noise in ANA-MACs can be well employed to
resist the key recovery attack even if the opponent has an unlimited computing power. Finally, a
pragmatic approach for the analysis of ANA-MACs is provided, and we show how to balance the
three performance metrics, including the completeness error, the false acceptance probability,
and the conditional equivocation about the key. The analysis can be well applied to a class of
ANA-MACs, where MACs with Rijndael cipher are employed.

Fingerprint Liveness Detection Using Convolutional Neural Networks
Abstract - With the growing use of biometric authentication systems in the recent years, spoof
fingerprint detection has become increasingly important. In this paper, we use convolutional
neural networks (CNNs) for fingerprint liveness detection. Our system is evaluated on the data
sets used in the liveness detection competition of the years 2009, 2011, and 2013, which
comprises almost 50 000 real and fake fingerprints images. We compare four different models:
two CNNs pretrained on natural images and fine-tuned with the fingerprint images, CNN with
random weights, and a classical local binary pattern approach. We show that pretrained CNNs
can yield the state-of-the-art results with no need for architecture or hyperparameter selection.
Data set augmentation is used to increase the classifiers performance, not only for deep
architectures but also for shallow ones. We also report good accuracy on very small training sets
(400 samples) using these large pretrained networks. Our best model achieves an overall rate of
97.1% of correctly classified samples-a relative improvement of 16% in test error when
compared with the best previously published results. This model won the first prize in the
fingerprint liveness detection competition 2015 with an overall accuracy of 95.5%
Cryptographic Hierarchical Access Control for Dynamic Structures
Abstract - A hierarchical key assignment scheme is a method to assign some private information
and encryption keys to a set of classes in a partially ordered hierarchy, in such a way that the
private information of a higher class can be used to derive the keys of all classes lower down in
the hierarchy. Sometimes, it is necessary to make dynamic updates to the hierarchy, in order to
implement an access control policy which evolves with time. All security models for hierarchical
key assignment schemes have been designed to cope with static hierarchies and do not consider
the issue of performing dynamic updates to the hierarchy. In this work we define the concept of
hierarchical key assignment schemes supporting dynamic updates, formalizing the relative
security model. In particular, we provide the notion of security with respect to key
indistinguishability, by taking into account the dynamic changes to the hierarchy. Moreover, we
show how to construct a hierarchical key assignment scheme supporting dynamic updates, by

using as a building block a symmetric encryption scheme. The proposed construction is provably
secure with respect to key indistinguishability, provides efficient key derivation and updating
procedures, while requiring each user to store only a single private key.
A high-security EEG-based login system with RSVP stimuli and dry electrodes
Abstract - Lately, EEG-based authentication has received considerable attention from the
scientific community. However, the limited usability of wet EEG electrodes as well as low
accuracy for large numbers of users have so far prevented this new technology to become
commonplace. In this study a novel EEGbased authentication system is presented, which is
based on the RSVP paradigm and uses a knowledge-based approach for authentication. 29
subjects’ data were recorded and analyzed with wet EEG electrodes as well as dry ones. A true
acceptance rate of 100% can be reached for all subjects with an average required login time of
13.5 s for wet and 27.0 s for dry electrodes. Average false acceptance rates for the dry electrode
setup were estimated to be 3.3310-5.
SUPPORT OFFERED TO REGISTERED STUDENTS:
1. IEEE Base paper.
2. Review material as per individuals’ university guidelines
3. Future Enhancement
4. assist in answering all critical questions
5. Training on programming language
6. Complete Source Code.
7. Final Report / Document
8. International Conference / International Journal Publication on your Project.
FOLLOW US ON FACEBOOK @ TSYS Academic Projects

IEEE Information forensic and security Title and Abstract 2016

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (9)

Similar to IEEE Information forensic and security Title and Abstract 2016

Similar to IEEE Information forensic and security Title and Abstract 2016 (20)

Recently uploaded

Recently uploaded (20)

IEEE Information forensic and security Title and Abstract 2016