Data Security

A special issue of Electronics (ISSN 2079-9292). This special issue belongs to the section "Networks".

Deadline for manuscript submissions: closed (31 July 2021) | Viewed by 56758

Special Issue Editor

Division of Information Technology & Management, Department of Industrial Engineering, Seoul National University of Science and Technology, Seoul 01811, Republic of Korea
Interests: information security; data security; privacy protection; applied cryptography

Special Issue Information

Dear Colleagues,

The explosive growth of data and the new values created from data through state-of-the-art technology have had a profound impact on existing industries, leading to a paradigm shift called the Fourth Industrial Revolution. This rapid increase in the ability to use data has also had a huge effect on information security.

First, as a big trend in the field of information security, researchers are working to address a variety of privacy and security issues that limit data utilization. For example, much research is being conducted to enable data analysis using private sensitive data without exposing the data. Particularly, studies are seeking ways to perform data analysis with private sensitive data and non-sensitive data jointly without violating privacy-related regulations such as GDPR (General Data Protection Regulation).

Second, the development of data analysis technology contributes to the qualitative improvement of each element of technology in the information security field.

Recently, deep learning technology has contributed greatly to the improvement of security technologies such as intrusion detection and authentication, and has been applied to many other information security fields.

This Special Issue seeks papers on these subjects. High-quality research in these areas is expected to increase the safety and availability of data analysis in the age of data, called the Fourth Industrial Revolution.

Topics of interest include but are not limited to the following:

  • Cryptographic approach for privacy-preserving data analysis
  • Methods for privacy-preserving computing such as differential privacy
  • Privacy attacks, e.g., AI-based attacks or privacy leakage from AI models
  • Private information collection, storage, aggregation, and retrieval
  • Security analysis in distributed systems
  • Secure data storage
  • Prediction of cyber attacks based on data analysis
  • Machine learning for cyber security
  • Security and privacy in machine learning
  • Abnormality detection in data science

Prof. Dr. Younho Lee
Guest Editor

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Electronics is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • information security
  • data security
  • privacy protection
  • applied cryptography

Published Papers (16 papers)

Research

42 pages, 2364 KiB  
Article
Exploiting the Outcome of Outlier Detection for Novel Attack Pattern Recognition on Streaming Data
by Michael Heigl, Enrico Weigelt, Andreas Urmann, Dalibor Fiala and Martin Schramm
Electronics 2021, 10(17), 2160; https://doi.org/10.3390/electronics10172160 - 04 Sep 2021
Cited by 4 | Viewed by 2667
Abstract
Future-oriented networking infrastructures are characterized by highly dynamic Streaming Data (SD) whose volume, speed and number of dimensions increased significantly over the past couple of years, energized by trends such as Software-Defined Networking or Artificial Intelligence. As an essential core component of network security, Intrusion Detection Systems (IDS) help to uncover malicious activity. In particular, consecutively applied alert correlation methods can aid in mining attack patterns based on the alerts generated by IDS. However, most of the existing methods lack the functionality to deal with SD data affected by the phenomenon called concept drift and are mainly designed to operate on the output from signature-based IDS. Although unsupervised Outlier Detection (OD) methods have the ability to detect yet unknown attacks, most of the alert correlation methods cannot handle the outcome of such anomaly-based IDS. In this paper, we introduce a novel framework called Streaming Outlier Analysis and Attack Pattern Recognition, denoted as SOAAPR, which is able to process the output of various online unsupervised OD methods in a streaming fashion to extract information about novel attack patterns. Three different privacy-preserving, fingerprint-like signatures are computed from the clustered set of correlated alerts by SOAAPR, which characterizes and represents the potential attack scenarios with respect to their communication relations, their manifestation in the data’s features and their temporal behavior. Beyond the recognition of known attacks, comparing derived signatures, they can be leveraged to find similarities between yet unknown and novel attack patterns. The evaluation, which is split into two parts, takes advantage of attack scenarios from the widely-used and popular CICIDS2017 and CSE-CIC-IDS2018 datasets. 
Firstly, the streaming alert correlation capability is evaluated on CICIDS2017 and compared to a state-of-the-art offline algorithm, called Graph-based Alert Correlation (GAC), which has the potential to deal with the outcome of anomaly-based IDS. Secondly, the three types of signatures are computed from attack scenarios in the datasets and compared to each other. The discussion of results, on the one hand, shows that SOAAPR can compete with GAC in terms of alert correlation capability leveraging four different metrics and outperforms it significantly in terms of processing time by an average factor of 70 in 11 attack scenarios. On the other hand, in most cases, all three types of signatures seem to reliably characterize attack scenarios such that similar ones are grouped together, with up to 99.05% similarity between the FTP and SSH Patator attack. Full article
(This article belongs to the Special Issue Data Security)

30 pages, 984 KiB  
Article
Experimental Cyber Attack Detection Framework
by Cătălin Mironeanu, Alexandru Archip, Cristian-Mihai Amarandei and Mitică Craus
Electronics 2021, 10(14), 1682; https://doi.org/10.3390/electronics10141682 - 14 Jul 2021
Cited by 5 | Viewed by 4287
Abstract
Digital security plays an ever-increasing, crucial role in today’s information-based society. The variety of threats and attack patterns has dramatically increased with the advent of digital transformation in our lives. Researchers in both public and private sectors have tried to identify new means to counteract these threats, seeking out-of-the-box ideas and novel approaches. Amongst these, data analytics and artificial intelligence/machine learning tools seem to gain new ground in digital defence. However, such instruments are used mainly offline with the purpose of auditing existing IDS/IDPS solutions. We submit a novel concept for integrating machine learning and analytical tools into a live intrusion detection and prevention solution. This approach is named the Experimental Cyber Attack Detection Framework (ECAD). The purpose of this framework is to facilitate research of on-the-fly security applications. By integrating offline results in real-time traffic analysis, we could determine the type of network access as a legitimate or attack pattern, and discard/drop the latter. The results are promising and show the benefits of such a tool in the early prevention stages of both known and unknown cyber-attack patterns. Full article
(This article belongs to the Special Issue Data Security)

16 pages, 5080 KiB  
Article
Deep Character-Level Anomaly Detection Based on a Convolutional Autoencoder for Zero-Day Phishing URL Detection
by Seok-Jun Bu and Sung-Bae Cho
Electronics 2021, 10(12), 1492; https://doi.org/10.3390/electronics10121492 - 21 Jun 2021
Cited by 24 | Viewed by 3542
Abstract
Considering the fatality of phishing attacks, the data-driven approach using massive URL observations has been verified, especially in the field of cyber security. On the other hand, the supervised learning approach relying on known attacks has limitations in terms of robustness against zero-day phishing attacks. Moreover, it is known that it is critical for the phishing detection task to fully exploit the sequential features from the URL characters. Taken together, to ensure both sustainability and intelligibility, we propose the combination of a convolution operation to model the character-level URL features and a deep convolutional autoencoder (CAE) to consider the nature of zero-day attacks. Extensive experiments on three real-world datasets consisting of 222,541 URLs showed the highest performance among the latest deep-learning methods. We demonstrated the superiority of the proposed method by receiver-operating characteristic (ROC) curve analysis in addition to 10-fold cross-validation and confirmed that the sensitivity improved by 3.98% compared to the latest deep model. Full article
(This article belongs to the Special Issue Data Security)

13 pages, 1385 KiB  
Article
Multi-Scale, Class-Generic, Privacy-Preserving Video
by Zhixiang Zhang, Thomas Cilloni, Charles Walter and Charles Fleming
Electronics 2021, 10(10), 1172; https://doi.org/10.3390/electronics10101172 - 14 May 2021
Cited by 5 | Viewed by 1656
Abstract
In recent years, high-performance video recording devices have become ubiquitous, posing an unprecedented challenge to preserving personal privacy. As a result, privacy-preserving video systems have been receiving increased attention. In this paper, we present a novel privacy-preserving video algorithm that uses semantic segmentation to identify regions of interest, which are then anonymized with an adaptive blurring algorithm. This algorithm addresses two of the most important shortcomings of existing solutions: it is multi-scale, meaning it can identify and uniformly anonymize objects of different scales in the same image, and it is class-generic, so it can be used to anonymize any class of objects of interest. We show experimentally that our algorithm achieves excellent anonymity while preserving meaning in the visual data processed. Full article
(This article belongs to the Special Issue Data Security)

18 pages, 15027 KiB  
Article
An Efficient Search Algorithm for Large Encrypted Data by Homomorphic Encryption
by Pyung Kim, Eunji Jo and Younho Lee
Electronics 2021, 10(4), 484; https://doi.org/10.3390/electronics10040484 - 18 Feb 2021
Cited by 2 | Viewed by 2981
Abstract
The purpose of this study is to provide an efficient search function over a large amount of encrypted data, where the bit length of each item is several tens of bits. For this purpose, we have improved the existing hybrid homomorphic encryption by enabling the longer data items to be stored while using multiple encrypted databases and by suggesting an improved search method working on top of the multiple instances of the database. Further, we found the optimal number of databases to be needed when 40-bit information, such as social security number, is stored after encryption. Through experiments, we were able to check the existence of a given (Korean) social security number of 13 decimal digits in approximately 12 s from a database that has 10 million encrypted social security numbers over a typical personal computer environment. The outcome of this research can be used to build a large-scale, practical encrypted database in order to support the search operation. In addition, it is expected to be used as a method for providing both security and practicality to the industry dealing with credit information evaluation and personal data requiring privacy. Full article
(This article belongs to the Special Issue Data Security)

24 pages, 2981 KiB  
Article
A Hierarchical Approach for Android Malware Detection Using Authorization-Sensitive Features
by Hui Chen, Zhengqiang Li, Qingshan Jiang, Abdur Rasool and Lifei Chen
Electronics 2021, 10(4), 432; https://doi.org/10.3390/electronics10040432 - 10 Feb 2021
Cited by 5 | Viewed by 2570
Abstract
Android’s openness has made it a favorite for consumers and developers alike, driving strong app consumption growth. Meanwhile, its popularity also attracts attackers’ attention. Android malware is continually raising issues for the user’s privacy and security. Hence, it is of great practical value to develop a scientific and versatile system for Android malware detection. This paper presents a hierarchical approach to design a malware detection system for Android. It extracts four authorization-sensitive features: basic blocks, permissions, Application Programming Interfaces (APIs), and key functions, and layer-by-layer detects malware based on the similar module and the proposed deep learning model Convolutional Neural Network and eXtreme Gradient Boosting (CNNXGB). This detection approach focuses not only on classification but also on the details of the similarities between malware software. We serialize the key function in light of the sequence of API calls and pick up a similar module that captures the global semantics of malware. We propose a new method to convert the basic block into a multichannel picture and use Convolutional Neural Network (CNN) to learn features. We extract permissions and API calls based on their called frequency and train the classification model by XGBoost. A dynamic similar module feature library is created based on the extracted features to assess the sample’s behavior. The model is trained by utilizing 11,327 Android samples collected from Github, Google Play, Fdroid, and VirusShare. Promising experimental results demonstrate a higher accuracy of the proposed approach and its potential to detect Android malware attacks and reduce Android users’ security risks. Full article
(This article belongs to the Special Issue Data Security)

22 pages, 1120 KiB  
Article
BugMiner: Mining the Hard-to-Reach Software Vulnerabilities through the Target-Oriented Hybrid Fuzzer
by Fayozbek Rustamov, Juhwan Kim, Jihyeon Yu, Hyunwook Kim and Joobeom Yun
Electronics 2021, 10(1), 62; https://doi.org/10.3390/electronics10010062 - 31 Dec 2020
Cited by 2 | Viewed by 2751
Abstract
Greybox Fuzzing is the most reliable and essentially powerful technique for automated software testing. Notwithstanding, a majority of greybox fuzzers are not effective in directed fuzzing, for example, towards complicated patches, as well as towards suspicious and critical sites. To overcome these limitations of greybox fuzzers, Directed Greybox Fuzzing (DGF) approaches were recently proposed. Current DGFs are powerful and efficient approaches that can compete with Coverage-Based Fuzzers. Nevertheless, DGFs neglect to accomplish stability between usefulness and proficiency, and random mutations make it hard to handle complex paths. To alleviate this problem, we propose an innovative methodology, a target-oriented hybrid fuzzing tool that utilizes a fuzzer and dynamic symbolic execution (also referred to as a concolic execution) engine. Our proposed method aims to generate inputs that can quickly reach the target sites in each sequence and trigger potential hard-to-reach vulnerabilities in the program binary. Specifically, to dive deep into the target binary, we designed a proposed technique named BugMiner, and to demonstrate the capability of our implementation, we evaluated it comprehensively on bug hunting and crash reproduction. Evaluation results showed that our proposed implementation could not only trigger hard-to-reach bugs 3.1, 4.3, 2.9, 2.0, 1.8, and 1.9 times faster than Hawkeye, AFLGo, AFL, AFLFast, QSYM, and ParmeSan respectively but also scale to several real-world programs. Full article
(This article belongs to the Special Issue Data Security)

20 pages, 1170 KiB  
Article
Privacy-Preserving K-Nearest Neighbors Training over Blockchain-Based Encrypted Health Data
by Rakib Ul Haque, A S M Touhidul Hasan, Qingshan Jiang and Qiang Qu
Electronics 2020, 9(12), 2096; https://doi.org/10.3390/electronics9122096 - 09 Dec 2020
Cited by 16 | Viewed by 3244
Abstract
Numerous works focus on the data privacy issue of the Internet of Things (IoT) when training a supervised Machine Learning (ML) classifier. Most of the existing solutions assume that the classifier’s training data can be obtained securely from different IoT data providers. The primary concern is data privacy when training a K-Nearest Neighbour (K-NN) classifier with IoT data from various entities. This paper proposes secure K-NN, which provides a privacy-preserving K-NN training over IoT data. It employs Blockchain technology with a partial homomorphic cryptosystem (PHC) known as Paillier in order to protect all participants (i.e., IoT data analyst C and IoT data provider P) data privacy. When C analyzes the IoT data of P, both participants’ privacy issue arises and requires a trusted third party. To protect each candidate’s privacy and remove the dependency on a third-party, we assemble secure building blocks in secure K-NN based on Blockchain technology. Firstly, a protected data-sharing platform is developed among various P, where encrypted IoT data is registered on a shared ledger. Secondly, the secure polynomial operation (SPO), secure biasing operations (SBO), and secure comparison (SC) are designed using the homomorphic property of Paillier. It shows that secure K-NN does not need any trusted third-party at the time of interaction, and rigorous security analysis demonstrates that secure K-NN protects sensitive data privacy for each P and C. The secure K-NN achieved 97.84%, 82.33%, and 76.33% precisions on BCWD, HDD, and DD datasets. The performance of secure K-NN is precisely similar to the general K-NN and outperforms all the previous state of art methods. Full article
(This article belongs to the Special Issue Data Security)

14 pages, 2446 KiB  
Article
Improving the Performance of RLizard on Memory-Constraint IoT Devices with 8-Bit ATmega MCU
by Jin-Kwan Jeon, In-Won Hwang, Hyun-Jun Lee and Younho Lee
Electronics 2020, 9(9), 1549; https://doi.org/10.3390/electronics9091549 - 22 Sep 2020
Viewed by 2273
Abstract
We propose an improved RLizard implementation method that enables the RLizard key encapsulation mechanism (KEM) to run in a resource-constrained Internet of Things (IoT) environment with an 8-bit micro controller unit (MCU) and 8–16 KB of SRAM. Existing research has shown that the proposed method can function in a relatively high-end IoT environment, but there is a limitation when applying the existing implementation to our environment because of the insufficient SRAM space. We improve the implementation of the RLizard KEM by utilizing electrically erasable, programmable, read-only memory (EEPROM) and flash memory, which is possessed by all 8-bit ATmega MCUs. In addition, in order to prevent a decrease in execution time related to their use, we improve the multiplication process between polynomials utilizing the special property of the second multiplicand in each algorithm of the RLizard KEM. Thus, we reduce the required MCU clock cycle consumption. The results show that, compared to the existing code submitted to the National Institute of Standards and Technology (NIST) PQC standardization competition, the required MCU clock cycle is reduced by an average of 52%, and the memory used is reduced by approximately 77%. In this way, we verified that the RLizard KEM works well in our low-end IoT environments.
(This article belongs to the Special Issue Data Security)

21 pages, 3490 KiB  
Article
A New Text Classification Model Based on Contrastive Word Embedding for Detecting Cybersecurity Intelligence in Twitter
by Han-Sub Shin, Hyuk-Yoon Kwon and Seung-Jin Ryu
Electronics 2020, 9(9), 1527; https://doi.org/10.3390/electronics9091527 - 18 Sep 2020
Cited by 23 | Viewed by 4835
Abstract
Detecting cybersecurity intelligence (CSI) on social media such as Twitter is crucial because it allows security experts to respond to cyber threats in advance. In this paper, we devise a new text classification model based on deep learning to classify CSI-positive and -negative tweets from a collection of tweets. For this, we propose a novel word embedding model, called contrastive word embedding, that enables us to maximize the difference between base embedding models. First, we define CSI-positive and -negative corpora, which are used for constructing embedding models. Here, to supplement the imbalance of tweet data sets, we additionally employ the background knowledge for each tweet corpus: (1) CVE data set for CSI-positive corpus and (2) Wikitext data set for CSI-negative corpus. Second, we adopt the deep learning models such as CNN or LSTM to extract adequate feature vectors from the embedding models and integrate the feature vectors into one classifier. To validate the effectiveness of the proposed model, we compare our method with two baseline classification models: (1) a model based on a single embedding model constructed with CSI-positive corpus only and (2) another model with CSI-negative corpus only. As a result, we indicate that the proposed model shows high accuracy, i.e., 0.934 of F1-score and 0.935 of area under the curve (AUC), which improves the baseline models by 1.76∼6.74% of F1-score and by 1.64∼6.98% of AUC.
(This article belongs to the Special Issue Data Security)

24 pages, 5325 KiB  
Article
An Effective Phishing Detection Model Based on Character Level Convolutional Neural Network from URL
by Ali Aljofey, Qingshan Jiang, Qiang Qu, Mingqing Huang and Jean-Pierre Niyigena
Electronics 2020, 9(9), 1514; https://doi.org/10.3390/electronics9091514 - 15 Sep 2020
Cited by 75 | Viewed by 7375
Abstract
Phishing is the easiest way to use cybercrime with the aim of enticing people to give accurate information such as account IDs, bank details, and passwords. This type of cyberattack is usually triggered by emails, instant messages, or phone calls. The existing anti-phishing techniques are mainly based on source code features, which require to scrape the content of web pages, and on third-party services which retard the classification process of phishing URLs. Although the machine learning techniques have lately been used to detect phishing, they require essential manual feature engineering and are not an expert at detecting emerging phishing offenses. Due to the recent rapid development of deep learning techniques, many deep learning-based methods have also been introduced to enhance the classification performance. In this paper, a fast deep learning-based solution model, which uses character-level convolutional neural network (CNN) for phishing detection based on the URL of the website, is proposed. The proposed model does not require the retrieval of target website content or the use of any third-party services. It captures information and sequential patterns of URL strings without requiring a prior knowledge about phishing, and then uses the sequential pattern features for fast classification of the actual URL. For evaluations, comparisons are provided between different traditional machine learning models and deep learning models using various feature sets such as hand-crafted, character embedding, character level TF-IDF, and character level count vectors features. According to the experiments, the proposed model achieved an accuracy of 95.02% on our dataset and an accuracy of 98.58%, 95.46%, and 95.22% on benchmark datasets which outperform the existing phishing URL models. Full article
(This article belongs to the Special Issue Data Security)

23 pages, 387 KiB  
Article
Scalable Wildcarded Identity-Based Encryption with Full Security
by Jiwon Lee, Seunghwa Lee, Jihye Kim and Hyunok Oh
Electronics 2020, 9(9), 1453; https://doi.org/10.3390/electronics9091453 - 06 Sep 2020
Cited by 4 | Viewed by 1943
Abstract
Wildcarded identity-based encryption (WIBE) is an encryption system where one can encrypt messages to multiple users by specifying a pattern, which is a set of identity strings or wildcards. It is a useful primitive for practical applications where users are defined with multiple attributes (or affiliations), such as organization networks or IoT firmware updates. However, the ciphertext size in traditional WIBE schemes is linear to the number of wildcards in the pattern; since the ciphertext size determines the payload in network systems, it degrades the practicality when deployed in transmission-sensitive systems. In this paper, we represent scalable wildcarded identity-based encryption (SWIBE), which achieves a constant-size ciphertext regardless of the number of wildcards (or depth of patterns). The SWIBE scheme also allows the wildcard usage key derivation as well as encryption: a user with a wildcarded pattern can delegate keys for the fixed pattern. Compared to the existing WIBE schemes, the SWIBE scheme is the first approach to yield constant-size ciphertext. Moreover, SWIBE also improves encryption time and decryption time while maintaining a key size of 2L, comparable to the key size of L in WIBE schemes (where L is a depth of the pattern). The experimental results show that the decryption time is 3 to 10 times faster than the existing WIBE schemes, and 650 times faster than the attribute-based encryption with constant-size ciphertext. For the security, we first propose the selective-CPA-secure SWIBE scheme in a prime order bilinear group and extend it to be selective-CCA-secure. Then we also propose a fully-secure SWIBE scheme which can overcome the selective security.
(This article belongs to the Special Issue Data Security)

20 pages, 8685 KiB  
Article
VaultPoint: A Blockchain-Based SSI Model that Complies with OAuth 2.0
by Seongho Hong and Heeyoul Kim
Electronics 2020, 9(8), 1231; https://doi.org/10.3390/electronics9081231 - 31 Jul 2020
Cited by 16 | Viewed by 5765
Abstract
Identity management including authentication and authorization in a network environment is a critical security factor. Various models for identity management have been developed continually, from the silo model to the federated model and to the recently introduced self-sovereign identity (SSI) model. In particular, SSI makes users manage their own information by themselves independently of any organizations. SSI utilizes the newly emerged blockchain technology and many studies of it are in progress. However, SSI has not had wide public use because of its low compatibility and inconvenience. This is because it involves an unfamiliar user experience and an immature process. To solve this problem, this paper proposes a new blockchain-based SSI model that complies with the popular and mature standard of OAuth 2.0. Using blockchain, the proposed model secures users’ data sovereignty where users can use and control their own information in a decentralized manner, instead of depending on a specific monopolistic service provider. Users and clients who are familiar with the existing OAuth can easily accept the proposed model and apply it, which makes both usability and scalability of the model excellent. This paper confirmed the feasibility of the proposed model by implementing it and a security analysis was performed. The proposed model is expected to contribute to the expansion of both blockchain technology and SSI.
(This article belongs to the Special Issue Data Security)

23 pages, 8488 KiB  
Article
Efficient Implementation of Homomorphic and Fuzzy Transforms in Random-Projection Encryption Frameworks for Cancellable Face Recognition
by Abeer D. Algarni, Ghada M. El Banby, Naglaa F. Soliman, Fathi E. Abd El-Samie and Abdullah M. Iliyasu
Electronics 2020, 9(6), 1046; https://doi.org/10.3390/electronics9061046 - 24 Jun 2020
Cited by 23 | Viewed by 2816
Abstract
To circumvent problems associated with dependence of traditional security systems on passwords, Personal Identification Numbers (PINs) and tokens, modern security systems adopt biometric traits that are inimitable to each individual for identification and verification. This study presents two different frameworks for secure person identification using cancellable face recognition (CFR) schemes. Exploiting its ability to guarantee irrevocability and rich diversity, both frameworks utilise Random Projection (RP) to encrypt the biometric traits. In the first framework, a hybrid structure combining Intuitionistic Fuzzy Logic (IFL) with RP is used to accomplish full distortion and encryption of the original biometric traits to be saved in the database, which helps to prevent unauthorised access of the biometric data. The framework involves transformation of spatial-domain greyscale pixel information to a fuzzy domain where the original biometric images are disfigured and further distorted via random projections that generate the final cancellable traits. In the second framework, cancellable biometric traits are similarly generated via homomorphic transforms that use random projections to encrypt the reflectance components of the biometric traits. Here, the use of reflectance properties is motivated by its ability to retain most image details, while the guarantee of the non-invertibility of the cancellable biometric traits supports the rationale behind our utilisation of another RP stage in both frameworks, since independent outcomes of both the IFL stage and the reflectance component of the homomorphic transform are not enough to recover the original biometric trait. Our CFR schemes are validated on different datasets that exhibit properties expected in actual application settings such as varying backgrounds, lightings, and motion. Outcomes in terms of standard metrics, including structural similarity index metric (SSIM) and area under the receiver operating characteristic curve (AROC), suggest the efficacy of our proposed schemes across many applications that require person identification and verification.
(This article belongs to the Special Issue Data Security)

21 pages, 2283 KiB  
Article
Symmetric-Key Cryptographic Routine Detection in Anti-Reverse Engineered Binaries Using Hardware Tracing
by Juhyun Park and Yongsu Park
Electronics 2020, 9(6), 957; https://doi.org/10.3390/electronics9060957 - 08 Jun 2020
Cited by 7 | Viewed by 2721
Abstract
Software uses cryptography to provide confidentiality in communication and to provide authentication. Additionally, cryptographic algorithms can be used to protect software against cracking core algorithms in software implementation. Recently, malware and ransomware have begun to use encryption to protect their codes from analysis. As for the detection of cryptographic algorithms, previous works have had demerits in analyzing anti-reverse engineered binaries that can detect differences in analysis environments and normal execution. Here, we present a new symmetric-key cryptographic routine detection scheme using hardware tracing. In our experiments, patterns were successfully generated and detected for nine symmetric-key cryptographic algorithms. Additionally, the experimental results show that the false positive rate of our scheme is extremely low and the prototype implementation successfully bypasses anti-reversing techniques. Our work can be used to detect symmetric-key cryptographic routines in malware/ransomware with anti-reversing techniques.
(This article belongs to the Special Issue Data Security)

17 pages, 4916 KiB  
Article
Practical Time-Release Blockchain
by Sang-Wuk Chae, Jae-Ik Kim and Yongsu Park
Electronics 2020, 9(4), 672; https://doi.org/10.3390/electronics9040672 - 20 Apr 2020
Cited by 6 | Viewed by 2823
Abstract
Time-release cryptography is a special encryption technique that allows a message to be hidden for some time. The previous schemes have shortcomings in that the encryptor should predict the decryptor’s computing power precisely or the trusted agent should be always available. In this paper, we propose a new, practical time-release blockchain, and find the key to decrypt the content after a certain time. In order to verify the effectiveness of the blockchain system automatically, which uses the proof-of-work (PoW) and the consensus algorithm in the proposed technique, we have implemented a prototype version of our blockchain system using Python. The proposed method has the following advantages. First, the decryption time is automatically adjusted, even if the miner’s computing power changes over time. Second, unlike previous time-lock puzzle schemes, our algorithm does not require additional computation work for solving the puzzle. Third, our scheme does not need any trusted agents (third parties). Fourth, the proposed method uses standard cryptographic algorithms.
(This article belongs to the Special Issue Data Security)