scispace - formally typeset

Computer and Communications Security

About: Computer and Communications Security is an academic conference. The conference publishes majorly in the area(s): Encryption & Cryptography. Over the lifetime, 3920 publication(s) have been published by the conference receiving 261619 citation(s). more

Topics: Encryption, Cryptography, Authentication more

Proceedings ArticleDOI: 10.1145/168588.168596
Mihir Bellare1, Phillip Rogaway1Institutions (1)
01 Dec 1993-
Abstract: We argue that the random oracle model—where all parties have access to a public random oracle—provides a bridge between cryptographic theory and cryptographic practice. In the paradigm we suggest, a practical protocol P is produced by first devising and proving correct a protocol PR for the random oracle model, and then replacing oracle accesses by the computation of an “appropriately chosen” function h. This paradigm yields protocols much more efficient than standard ones while retaining many of the advantages of provable security. We illustrate these gains for problems including encryption, signatures, and zero-knowledge proofs. more

Topics: Random oracle (67%), Pseudorandom function family (64%), Random function (63%) more

4,977 Citations

Proceedings ArticleDOI: 10.1145/586110.586117
Laurent Eschenauer1, Virgil D. Gligor1Institutions (1)
18 Nov 2002-
Abstract: Distributed Sensor Networks (DSNs) are ad-hoc mobile networks that include sensor nodes with limited computation and communication capabilities. DSNs are dynamic in the sense that they allow addition and deletion of sensor nodes after deployment to grow the network or replace failing and unreliable nodes. DSNs may be deployed in hostile areas where communication is monitored and nodes are subject to capture and surreptitious use by an adversary. Hence DSNs require cryptographic protection of communications, sensor-capture detection, key revocation and sensor disabling. In this paper, we present a key-management scheme designed to satisfy both operational and security requirements of DSNs. The scheme includes selective distribution and revocation of keys to sensor nodes as well as node re-keying without substantial computation and communication capabilities. It relies on probabilistic key sharing among the nodes of a random graph and uses simple protocols for shared-key discovery and path-key establishment, and for key revocation, re-keying, and incremental addition of nodes. The security and network connectivity characteristics supported by the key-management scheme are discussed and simulation experiments presented. more

3,863 Citations

Open accessProceedings ArticleDOI: 10.1145/1180405.1180418
30 Oct 2006-
Abstract: As more sensitive data is shared and stored by third-party sites on the Internet, there will be a need to encrypt data stored at these sites. One drawback of encrypting data, is that it can be selectively shared only at a coarse-grained level (i.e., giving another party your private key). We develop a new cryptosystem for fine-grained sharing of encrypted data that we call Key-Policy Attribute-Based Encryption (KP-ABE). In our cryptosystem, ciphertexts are labeled with sets of attributes and private keys are associated with access structures that control which ciphertexts a user is able to decrypt. We demonstrate the applicability of our construction to sharing of audit-log information and broadcast encryption. Our construction supports delegation of private keys which subsumesHierarchical Identity-Based Encryption (HIBE). more

Topics: On-the-fly encryption (69%), Attribute-based encryption (67%), Probabilistic encryption (66%) more

3,765 Citations

Open accessProceedings ArticleDOI: 10.1145/3052973.3053009
Nicolas Papernot1, Patrick McDaniel1, Ian Goodfellow2, Somesh Jha3  +2 moreInstitutions (4)
02 Apr 2017-
Abstract: Machine learning (ML) models, e.g., deep neural networks (DNNs), are vulnerable to adversarial examples: malicious inputs modified to yield erroneous model outputs, while appearing unmodified to human observers. Potential attacks include having malicious content like malware identified as legitimate or controlling vehicle behavior. Yet, all existing adversarial example attacks require knowledge of either the model internals or its training data. We introduce the first practical demonstration of an attacker controlling a remotely hosted DNN with no such knowledge. Indeed, the only capability of our black-box adversary is to observe labels given by the DNN to chosen inputs. Our attack strategy consists in training a local model to substitute for the target DNN, using inputs synthetically generated by an adversary and labeled by the target DNN. We use the local substitute to craft adversarial examples, and find that they are misclassified by the targeted DNN. To perform a real-world and properly-blinded evaluation, we attack a DNN hosted by MetaMind, an online deep learning API. We find that their DNN misclassifies 84.24% of the adversarial examples crafted with our substitute. We demonstrate the general applicability of our strategy to many ML techniques by conducting the same attack against models hosted by Amazon and Google, using logistic regression substitutes. They yield adversarial examples misclassified by Amazon and Google at rates of 96.19% and 88.94%. We also find that this black-box attack strategy is capable of evading defense strategies previously found to make adversarial example crafting harder. more

2,269 Citations

Open accessProceedings ArticleDOI: 10.1145/2976749.2978318
Martín Abadi1, Andy Chu1, Ian Goodfellow, H. Brendan McMahan1  +3 moreInstitutions (1)
24 Oct 2016-
Abstract: Machine learning techniques based on neural networks are achieving remarkable results in a wide variety of domains. Often, the training of models requires large, representative datasets, which may be crowdsourced and contain sensitive information. The models should not expose private information in these datasets. Addressing this goal, we develop new algorithmic techniques for learning and a refined analysis of privacy costs within the framework of differential privacy. Our implementation and experiments demonstrate that we can train deep neural networks with non-convex objectives, under a modest privacy budget, and at a manageable cost in software complexity, training efficiency, and model quality. more

Topics: Privacy software (62%), Deep learning (57%), Differential privacy (55%) more

2,227 Citations

No. of papers from the Conference in previous years

Top Attributes

Show by:

Conference's top 5 most impactful authors

Robert H. Deng

18 papers, 729 citations

Moti Yung

18 papers, 832 citations

Christopher Kruegel

15 papers, 3.3K citations

Ahmad-Reza Sadeghi

15 papers, 1.2K citations

Michael K. Reiter

15 papers, 2.9K citations

Network Information
Related Conferences (5)
USENIX Security Symposium

1.6K papers, 137.1K citations

92% related
Network and Distributed System Security Symposium

983 papers, 83.8K citations

92% related
IEEE Symposium on Security and Privacy

3.6K papers, 255.5K citations

90% related
European Symposium on Research in Computer Security

1K papers, 35.4K citations

90% related
IEEE European Symposium on Security and Privacy

462 papers, 8.8K citations

90% related