检索结果-内蒙古大学图书馆

29th Australian computer-Human Interaction Conference, OzCHI 2017

作者： Micallef, Nicholas Just, Mike Baillie, Lynne Alharby, Maher Australian Centre for Cyber Security School of Engineering and Information Technology University of New South Wales Canberra Australia School of Mathematical and Computer Sciences Heriot-Watt University Edinburgh United Kingdom College of Computer Science and Engineering Taibah University Medina Saudi Arabia

ISBN: (纸本)9781450353793

Privacy nudges are a "soft-paternalistic" method to nudge (instead of force) users to make more informed privacy decisions. While previous work has shown that privacy nudges are effective in encouraging users to adjust their privacy settings, current privacy nudges are considered to be annoying. Previous research found that modalities influence the effectiveness of responses to system messages. Hence, with the aim of improving the usability of privacy nudges, we conducted both a lab and a 3-day field study to empirically investigate how users perceive receiving privacy nudges using different modalities (combinations of visual, vibration, audio and speech). Our results suggest that app designers should implement privacy nudges which cede the decision of their delivery time to the users themselves. Most importantly, our findings reveal that to minimize annoyance, intrusiveness and interruption, while still being read, low priority notifications should not be delivered using salient modalities (i.e., audio or speech).1. © 2017 Association for Computing Machinery. All rights reserved.

关键词： Interactive computer systems

来源：评论

学校读者我要写书评

暂无评论

Full disclosure attack on ultralightweight mutual authentication protocol: Sasi 10

Full disclosure attack on ultralightweight mutual authentica...

引用

10th International Conference on Chaotic Modeling and Simulation, CHAOS 2017

作者： Aamir, Rizwan Khan, Liaquat Ali Mujahid, Umar Najam-Ul-Islam, M. Department of Computer Science Bahria University Islamabad Pakistan Department of Avionics Engineering Air University Islamabad Pakistan Department of Cyber Security Gwinnett-Tech Georgia United States Department of Electrical Engineering Bahria University Islamabad Pakistan

RFID is one of the most growing identification schemes in the field of ubiquitous computing. Unique identification and non-line of sight capabilities result in rapid deployment of this technology as compared to other identification schemes. In addition to functional haste, RFID incorporates wireless medium therefore security and privacy are two important concerns of RFID systems. To prevent the system from malicious adversaries in a cost effective manner, several Ultralightweight Mutual Authentication Protocols (UMAPs) have been proposed. These protocols involve simple logical operations such as XOR, AND, OR etc. and hence prove to be less secure than traditional cryptographic protocols. In this research cryptanalysis of the state of the art UMAP: SASI protocol is performed and revealed its secret ID with 100% success rate. The proposed attack model highlights the weak diffusion properties of the protocol messages and primitives.

关键词： Radio frequency identification (RFID)

来源：评论

学校读者我要写书评

暂无评论

cyberPDF: Smart and Secure Coordinate-based Automated Health PDF Data Batch Extraction

CyberPDF: Smart and Secure Coordinate-based Automated Health...

引用

IEEE International Conference on Connected Health: Applications, Systems and engineering Technologies (CHASE)

作者： Reza M. Parizi Liang Guo Yao Bian Amin Azmoodeh Ali Dehghantanha Kim-Kwang Raymond Choo Department of Software Engineering and Game Development Kennesaw State University Marietta GA USA NYC New York Institute of Technology NY USA Department of Computer Science & Engineering Shiraz University Shiraz Iran Department of Computer Science & Engineering Shiraz University Shiraz Iran Shiraz University Shiraz Fars IR Department of Information Systems and Cyber Security University of Texas at San Antonio San Antonio Texas USA

Data extraction from files is a prevalent activity in today's electronic health record systems which can be laborious. When document analysis is repetitive (e.g., processing a series of files with the same layout and extraction requirements), relying on data-entry staff to manually perform such tasks is costly and highly insecure. Particularly analyzing a large list of PDF files (as a widely used format) to extract specific data and migrate them to other destinations for later use is both tedious and frustrating to do manually. This paper addresses a very practical requirement of batch extracting data from PDF files in health data document analysis. Specifically, we propose a Coordinate Based Information Extraction System (CBIES) to instrument a smart and automatic PDF batch data extraction tool, releasing health organizations from duplicate efforts and reducing labor costs. The proposed technique enables users to query a representative PDF document and extract the same data from a series of files in the batch analysis manner swiftly. Furthermore, since security and privacy considerations are essential part of any health record systems, it is included in our approach. Based on CBIES, we implement a prototype tool for PDF batch data extraction technique named, cyberPDF. The tool exhibits great efficiency, security and accuracy in multi-file data processing, supported through an empirical evaluation in this research.

关键词： Portable document format Tools security Text analysis Information retrieval Feature extraction

来源：评论

学校读者我要写书评

暂无评论

Persistent fault analysis on block ciphers

IACR Transactions on Cryptographic Hardware and Embedded Sys...

引用

IACR Transactions on Cryptographic Hardware and Embedded Systems 2018年第3期2018卷 150-172页

作者： Zhang, Fan Lou, Xiaoxuan Zhao, Xinjie Bhasin, Shivam He, Wei Ding, Ruyi Qureshi, Samiya Ren, Kui College of Information Science and Electronic Engineering Zhejiang University China Institute of Cyber Security Research Zhejiang University China College of Computer Science and Technology Zhejiang University China The Institute of North Electronic Equipment China Nanyang Technological University Singapore Shield Laboratory Huawei International Pte. Ltd Singapore Georgia Institute of Technology GA United States

Persistence is an intrinsic nature for many errors yet has not been caught enough attractions for years. In this paper, the feature of persistence is applied to fault attacks, and the persistent fault attack is proposed. Different from traditional fault attacks, adversaries can prepare the fault injection stage before the encryption stage, which relaxes the constraint of the tight-coupled time synchronization. The persistent fault analysis (PFA) is elaborated on different implementations of AES-128, specially fault hardened implementations based on Dual Modular Redundancy (DMR). Our experimental results show that PFA is quite simple and efficient in breaking these typical implementations. To show the feasibility and practicability of our attack, a case study is illustrated on the shared library Libgcrypt with rowhammer technique. Approximately 8200 ciphertexts are enough to extract the master key of AES-128 when PFA is applied to Libgcrypt1.6.3 with redundant encryption based DMR. This work puts forward a new direction of fault attacks and can be extended to attack other implementations under more interesting scenarios. © 2018, Ruhr-University of Bochum. All rights reserved.

关键词： Side channel attack

来源：评论

学校读者我要写书评

暂无评论

Anomaly Detection Based on PMF Encoding and Adversarially Learned Inference

引用

Journal of Physics: Conference Series 2019年第5期1187卷

作者： Lin Zhang Wentai Yang Hua Gan Meng Li Xiaoming Wang Gang Liang Chengdu City Electric Power Engineering Design Company Chengdu Sichuan 610065 China College of Computer Science Sichuan University Chengdu Sichuan 610065 China College of Cyber-security Sichuan University Chengdu Sichuan 610065 China

In order to solve the problem of increasing the dimension and sparse feature space caused by the categorization coding method in the existing abnormal traffic detection problem, a coding method based on Probability Mass Function (PMF) is proposed. Secondly, in order to improve the ability of abnormal traffic detection algorithms to identify unknown attack type data and improve detection efficiency, we use Adversarially Learned Inference as the basic detection algorithm. The comparison experiments on the standard dataset show that the proposed method has improved the accuracy and detection efficiency greatly compared with the existing anomaly detection methods.

关键词：

来源：评论

学校读者我要写书评

暂无评论

Enabling strong privacy preservation and accurate task allocation for mobile crowdsensing

arXiv

引用

arXiv 2018年

作者： Ni, Jianbing Zhang, Kuan Xia, Qi Lin, Xiaodong Shen, Xuemin [Sherman] Department of Electrical and Computer Engineering University of Waterloo WaterlooONN2L3G1 Canada Department of Electrical and Computer Engineering University of Nebraska-Lincoln OmahaNE68182 United States Department of Physics and Computer Science Wilfrid Laurier University WaterlooONN2L3C5 Canada Center of Cyber Security University of Electronic Science and Technology of China Chengdu611731 China

Mobile crowdsensing engages a crowd of individuals to use their mobile devices to cooperatively collect data about social events and phenomena for special interest customers. It can reduce the cost on sensor deployment and improve data quality with human intelligence. To enhance data trustworthiness, it is critical for service provider to recruit mobile users based on their personal features, e.g., mobility pattern and reputation, but it leads to the privacy leakage of mobile users. Therefore, how to resolve the contradiction between user privacy and task allocation is challenging in mobile crowdsensing. In this paper, we propose SPOON, a strong privacy-preserving mobile crowdsensing scheme supporting accurate task allocation from geographic information and credit points of mobile users. In SPOON, the service provider enables to recruit mobile users based on their locations, and select proper sensing reports according to their trust levels without invading user privacy. By utilizing proxy reencryption and BBS+ signature, sensing tasks are protected and reports are anonymized to prevent privacy leakage. In addition, a privacy-preserving credit management mechanism is introduced to achieve decentralized trust management and secure credit proof for mobile users. Finally, we show the security properties of SPOON and demonstrate its efficiency on computation and communication. Copyright © 2018, The Authors. All rights reserved.

关键词： Network security

来源：评论

学校读者我要写书评

暂无评论

Discovering and understanding the security hazards in the interactions between iot devices, mobile apps, and clouds on smart home platforms

arXiv

引用

arXiv 2018年

作者： Zhou, Wei Jia, Yan Yao, Yao Zhu, Lipeng Guan, Le Mao, Yuhang Liu, Peng Zhang, Yuqing National Computer Network Intrusion Protection Center University of Chinese Academy of Sciences China School of Cyber Engineering Xidian University China Department of Computer Science University of Georgia United States College of Information Sciences and Technology Pennsylvania State University United States State Key Laboratory of Information Security Institute of Information Engineering Chinese Academy of Sciences China

A smart home connects tens of home devices to the Internet, where an IoT cloud runs various home automation applications. While bringing unprecedented convenience and accessibility, it also introduces various security hazards to users. Prior research studied smart home security from several aspects. However, we found that the complexity of the interactions among the participating entities (i.e., devices, IoT clouds, and mobile apps) has not yet been systematically investigated. In this work, we conducted an in-depth analysis of five widely-used smart home platforms. Combining firmware analysis, network traffic interception, and black-box testing, we reverse-engineered the details of the interactions among the participating entities. Based on the details, we inferred three legitimate state transition diagrams for the three entities, respectively. Using these state machines as a reference model, we identified a set of unexpected state transitions. To confirm and trigger the unexpected state transitions, we implemented a set of phantom devices to mimic a real device. By instructing the phantom devices to intervene in the normal entity-entity interactions, we have discovered several new vulnerabilities and a spectrum of attacks against real-world smart home platforms. Copyright © 2018, The Authors. All rights reserved.

关键词： Automation

来源：评论

学校读者我要写书评

暂无评论

CollabLoc: Privacy-preserving multi-modal localization via collaborative information fusion

arXiv

引用

arXiv 2017年

作者： Sadhu, Vidyasagar Pompili, Dario Zonouz, Saman Sritapan, Vincent Department of Electrical and Computer Engineering Cyber Security Division Rutgers University Department of Homeland Security Science & Technology Directorate

Mobile phones provide an excellent opportunity for building context-aware applications. In particular, location-based services are important context-aware services that are more and more used for enforcing security policies, for supporting indoor room navigation, and for providing personalized assistance. However, a major problem still remains unaddressed-the lack of solutions that work across buildings while not using additional infrastructure and also accounting for privacy and reliability needs. In this paper, a privacy-preserving, multi-modal, cross-building, collaborative localization platform is proposed based on Wi-Fi RSSI (existing infrastructure), Cellular RSSI, sound and light levels, that enables room-level localization as main application (though sub room level granularity is possible). The privacy is inherently built into the solution based on onion routing, and perturbation/randomization techniques, and exploits the idea of weighted collaboration to increase the reliability as well as to limit the effect of noisy devices (due to sensor noise/privacy). The proposed solution has been analyzed in terms of privacy, accuracy, optimum parameters, and other overheads on location data collected at multiple indoor and outdoor locations. Copyright © 2017, The Authors. All rights reserved.

关键词： Location based services

来源：评论

学校读者我要写书评

暂无评论

CollabLoc: Privacy-Preserving Multi-Modal Localization via Collaborative Information Fusion

CollabLoc: Privacy-Preserving Multi-Modal Localization via C...

引用

International Conference on computer Communication and Networks

作者： Vidyasagar Sadhu Dario Pompili Saman Zonouz Vincent Sritapan Department of Electrical and Computer Engineering Rutgers University Cyber Security Division Department of Homeland Security Science & Technology Directorate

Mobile phones provide an excellent opportunity for building context-aware applications. In particular, location-based services are important context-aware services that are more and more used for enforcing security policies, for supporting indoor room navigation, and for providing personalized assistance. However, a major problem still remains unaddressed--the lack of solutions that work across buildings while not using additional infrastructure and also accounting for privacy and reliability needs. In this paper, a privacy-preserving, multi-modal, cross-building, collaborative localization platform is proposed based on Wi-Fi RSSI (existing infrastructure), Cellular RSSI, sound and light levels, that enables room-level localization as main application (though sub room level granularity is possible). The privacy is inherently built into the solution based on onion routing, and perturbation/randomization techniques, and exploits the idea of weighted collaboration to increase the reliability as well as to limit the effect of noisy devices (due to sensor noise/privacy). The proposed solution has been analyzed in terms of privacy, accuracy, optimum parameters, and other overheads on location data collected at multiple indoor and outdoor locations.

关键词： Room-level Localization Cross-Building Multi-Modal Privacy Collaboration Mobile Systems Experiments

来源：评论

学校读者我要写书评

暂无评论

An Extended Exploration to the Epidemic Containment Game

An Extended Exploration to the Epidemic Containment Game

引用

International Conference on computer Communications and Networks (ICCCN)

作者： Jia-Hao Xu Zhen Wang Guang-Hai Cui Yi-Zhi Ren Hong Ding Kim-Kwang Raymond Choo School of Computer Science and Technology Hangzhou Dianzi University Hangzhou China School of Cyberspace Hangzhou Dianzi University Hangzhou China School of Information and Electrical Engineering Ludong University Yantai China Department of Information Systems and Cyber Security The University of Texas at San Antonio San Antonio TX USA

The epidemic containment game is a formulation to describe voluntary vaccination behaviors before epidemic spreading. This game relies on the characterization of the susceptible-infected- susceptible (SIS) model in terms of the spectral radius of the network. Existing researches showed that finding the worst Nash Equilibrium (NE) is NP-hard and used a heuristic algorithm called Low Degree (LDG) to estimate the maximum social cost under the worst NE (Max NE cost). By comparing the results of the LDG algorithm and exhaustive search, we found the LDG algorithm cannot estimate Max NE cost well, thus, we proposed a new neighbor information based algorithm to estimate Max NE cost in this paper. Moreover, we discussed Stackelberg strategies in which some nodes are secured first by a leader, then other agents choose their strategies voluntarily. We found the target (TAR) strategy is effective to reduce Max NE cost in a scale- free network when T is large and useless when T is low (T is the ratio of the recovery rate to the transmission rate in the SIS model). Moreover, we found that a lot of nodes with small degrees are secured voluntarily under the TAR strategy when T is low, which leads to high Max NE cost. At last, we proposed a new greedy algorithm to select nodes secured first, which can reduce Max NE cost when T is low.

关键词： Nash equilibrium Games Diseases Approximation algorithms Vaccines Eigenvalues and eigenfunctions Erbium

来源：评论

学校读者我要写书评

暂无评论

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案：

请选择收藏分类：

通借通还

建议与咨询 留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

时间限定

文献类型

馆藏选择

核心期刊

语言

文献类型

帮助

文字说明：

检索规则说明：

检索范例：

分类表

所选分类

限定检索结果

文献类型

馆藏范围

日期分布

学科分类号

主题

机构

作者

语言

请选择保存的检索档案： 新增检索档案 确定 取消

请选择收藏分类： 新增自定义分类 确定 取消

通借通还

建议与咨询留下您的常用邮箱和电话号码，以便我们向您反馈解决方案和替代方法

请选择保存的检索档案：

请选择收藏分类：