Showing papers by "Muttukrishnan Rajarajan published in 2016"

Host-Based Intrusion Detection for VANETs: A Statistical Approach to Rogue Node Detection

Abstract: In this paper, an intrusion detection system (IDS) for vehicular ad hoc networks (VANETs) is proposed and evaluated. The IDS is evaluated by simulation in the presence of rogue nodes (RNs) that can launch different attacks. The proposed IDS is capable of detecting a false information attack using statistical techniques effectively and can also detect other types of attacks. First, the theory and implementation of the VANET model that is used to train the IDS is discussed. Then, an extensive simulation and analysis of our model under different traffic conditions is conducted to identify the effects of these parameters in VANETs. In addition, the extensive data gathered in the simulations are presented using graphical and statistical techniques. Moreover, RNs are introduced in the network, and an algorithm is presented to detect these RNs. Finally, we evaluate our system and observe that the proposed application-layer IDS based on a cooperative information exchange mechanism is better for dynamic and fast-moving networks such as VANETs, as compared with other techniques available.

User Collusion Avoidance Scheme for Privacy-Preserving Decentralized Key-Policy Attribute-Based Encryption

Abstract: Decentralized attribute-based encryption (ABE) is a variant of multi-authority based ABE whereby any attribute authority (AA) can independently join and leave the system without collaborating with the existing AAs. In this paper, we propose a user collusion avoidance scheme which preserves the user's privacy when they interact with multiple authorities to obtain decryption credentials. The proposed scheme mitigates the well-known user collusion security vulnerability found in previous schemes. We show that our scheme relies on the standard complexity assumption (decisional bilienar Deffie-Hellman assumption). This is contrast to previous schemes which relies on non-standard assumption (q-decisional Diffie-Hellman inversion).

A continuous user authentication scheme for mobile devices

Abstract: Face and touch modalities have independently been shown to yield promising results for continuous user authentication. In this study, we present a novel framework that combines these modalities. We show a stacked classifier approach can be used to improve the continuous authentication on mobile devices and address some prevalent issues with the current state-of-the-art. We use a state-of-the-art public dataset containing face and touch-gesture modalities for 50 users. Features are extracted from each modality for each user. We train a set of classifiers for user modalities to provide probability scores on a sample. The scores capture the nuances of each sample and are concatenated into a vector. This vector is used in a meta-level classifier. The scores we obtain from the meta-level classifiers show our approach performs better than previous continuous authentication approaches. We achieve an equal error rate of 3.77% for a single sample. We also show the added robustness a multi-modal approach provides if one modality is compromised.

System and method for preserving privacy of data in the cloud

Abstract: A system and method for preserving the privacy of data while processing of the data in a cloud. The system comprises a computer program application and a client encryption key, The system is operable to encrypt the computer program application and data using the client encryption key; upload the encrypted computer program application and encrypted data in the cloud; enable the computer platform to undertake processing of the encrypted data in the cloud using the encrypted computer program application; output encrypted processing results; and, enable decryption of the encrypted processing results using the client encryption key.

Information-Flow Control for Building Security and Privacy Preserving Hybrid Clouds

Abstract: A hybrid cloud is a cloud computing environment in which an organization provides and manages some internal resources (private cloud) while the other resources are provisioned externally (public cloud). Rapid deployment of hybrid clouds for utility, cost, effectiveness and flexibility has made it necessary to assure the security and privacy of hybrid clouds as it transcends different domains. Further, successful hybrid cloud implementation requires a well-structured architecture supporting the functionalities of both private and public clouds and the seamless transitions between them. One of the challenges in a hybrid cloud is securing resource access, in particular, enforcing that the owner's policy never gets violated even when the data gets consumed and processed in multiple domains. Existing mechanisms for achieving this, including industry standards such as XACML, SAML, and OAuth, are vulnerable to indirect information leaks as they do not keep track of information flow. The Readers-Writers Flow Model (RWFM) is a novel security model with an intuitive security policy that tracks and controls the flow of information in a decentralized system. In this paper, we present an approach to building a hybrid cloud that preserves the given security and privacy policy by integrating an RWFM security module into a cloud service manager. An advantage of RWFM is that it provides a uniform solution for securing various kinds of hybrid cloud architectures ranging from the simple pairwise federation to the complex interclouds, and supporting varying degrees of flexibility in workload placement ranging from a simple static placement to fully dynamic migration. Further, RWFM framework is forensic-ready by design, because the labels of data and services readily provide the necessary forensic information.

A Roadmap for Privacy Preserving Speech Processing

Abstract: This paper presents an overview of a strategy for enabling speech recognition to be performed in the cloud whilst preserving the privacy of users. The strategy advocates a demarcation of responsibilities between the client and server-side components for performing the speech recognition task. On the client-side resides the acoustic model, which symbolically encodes the audio and encrypts the data before uploading to the server. The server-side then employs searchable encryption-based language modelling to perform the speech recognition task. The paper details the proposed client-side acoustic model components, and the proposed server-side searchable encryption which will be the basis of the language modelling. Some preliminary results are presented, and potential problems and their solutions regarding the encrypted communication between client and server are discussed. Preliminary benchmarking results with acceleration of the client and server operations with GPGPU computing are also presented.

Smart, secure and seamless access control scheme for mobile devices

Abstract: Smart devices capture users' activity such as unlock failures, application usage, location and proximity of devices in and around their surrounding environment. This activity information varies between users and can be used as digital fingerprints of the users' behaviour. Traditionally, users are authenticated to access restricted data using long term static attributes such as password and roles. In this paper, in order to allow secure and seamless data access in mobile environment, we combine both the user behaviour captured by the smart device and the static attributes to develop a novel access control technique. Security and performance analyses show that the proposed scheme substantially reduces the computational complexity while enhances the security compared to the conventional schemes.