Bloom filter based collective remote attestation for dynamic networks
Nowadays, Internet of Things (IoT) devices are widely used in several application scenarios. Due to their cheap structure, they often do not guarantee a high security standard, making them prone to hacker attacks. Remote attestation is widely used to verify the configuration integrity on remote devices. Unfortunately, checking the integrity of each single device is impractical, thus several collective remote attestation protocols have been recently proposed to efficiently run attestations in wide device swarms. However, current solutions still have several limitations in terms of network topology, scalability, and efficiency. This paper presents a new efficient collective remote attestation protocol for highly dynamic networks. Our protocol is implemented according to the self-attestation procedure, where devices iteratively establish a common view of the integrity of the network through a consensus mechanism. Differently from previous protocols, we leverage Bloom filters, which make it possible to drastically reduce the message size for communication and to be more flexible with mobile nodes that can also join or leave the swarm. We evaluate our proposal through several simulations and experiments, showing that it outperforms the state of the art.
Privacy Protection in Biometric-Based Recognition Systems: a marriage between cryptography and signal processing
Systems employing biometric traits for people authentication and identification are witnessing growing popularity due to the unique and indissoluble link between any individual and his/her biometric characters. For this reason, biometric templates are increasingly used for border monitoring, access control, membership verification, and so on. When employed to replace passwords, biometrics have the added advantage that they do not need to be memorized and are relatively hard to steal. Nonetheless, unlike conventional security mechanisms such as passwords, biometric data are inherent parts of a person's body and cannot be replaced if they are compromised. Even worse, compromised biometric data can be used to have access to sensitive information and to impersonate the victim for malicious purposes. For the same reason, biometric leakage in a given system can seriously jeopardize the security of other systems based on the same biometrics. A further problem associated with the use of biometric traits is that, due to their uniqueness, the privacy of their owner is put at risk. Geographical position, movements, habits, and even personal beliefs can be tracked by observing when and where the biometric traits of an individual are used to identify him/her.
Ensuring information security by using Haskell's advanced type system
Protecting data confidentiality and integrity has become increasingly important in modern software. Sometimes, access control mechanisms fall short and solutions at the application level are needed. An approach can rely on enforcing information security using some features provided by certain programming languages. Several different solutions addressing this problem have been presented in the literature, and entire new languages or libraries have been built from scratch. Some of them use type systems to let the compiler check for vulnerable code. In this way we are able to rule out those implementations which do not meet a certain security requirement. In this paper we use Haskell's type system to enforce three key properties of information security: non-interference and flexible declassification policies, strict input validation, and secure computations on untainted and trusted values. We present a functional lightweight library for applications with data integrity and confidentiality issues. Our contribution relies on compile-time enforcement of the aforementioned properties. Our library is wholly generalized and might be adapted for satisfying almost every security requirement.
dAPTaset: a comprehensive mapping of APT-related data
Advanced Persistent Threats (APTs) are the most challenging adversaries for financial companies and critical infrastructures. Many open source platforms present various information about APTs but do not fully cover multiple edges of the diamond model, or may be easily used for research purposes. For this reason, we propose dAPTaset, a database that collects data related to APTs from existing public sources through a semi-automatic methodology, and produces an exhaustive dataset.
Semba: Secure multi-biometric authentication
Biometrics security is a dynamic research area spurred by the need to protect personal traits from threats like theft, non-authorised distribution, reuse and so on. A widely investigated solution to such threats consists of processing the biometric signals under encryption, in order to avoid any leakage of information towards non-authorised parties. In this study, the authors propose to leverage on the superior performance of multimodal biometric recognition to improve the efficiency of a biometric-based authentication protocol operating on encrypted data under the malicious security model. In the proposed protocol, authentication relies on both facial and iris biometrics, whose representation accuracy is specifically tailored to the trade-off between recognition accuracy and efficiency. From a cryptographic point of view, the protocol relies on Damgård et al. SPDZ. Experimental results show that the multimodal protocol is faster than corresponding unimodal protocols achieving the same accuracy
Introduction to the special issue on security and privacy for connected cyber-physical systems
ICN PATTA: ICN privacy attack through traffic analysis
PATTA is the first privacy attack based on network traffic analysis in Information-Centric Networking. PATTA aims to automatically identify the category of requested content by sniffing the communication towards the first hop router. PATTA applies text processing and machine learning techniques to content names in content-oriented architectures. We evaluate PATTA in a simulated network, achieving an accuracy in determining a real-time content category equal to 96%
It's always April fools' day!: On the difficulty of social network misinformation classification via propagation features
Given the huge impact that Online Social Networks (OSN) had in the way people get informed and form their opinion, they became an attractive playground for malicious entities that want to spread misinformation, and leverage their effect. In fact, misinformation easily spreads on OSN, and this is a huge threat for modern society, possibly influencing also the outcome of elections, or even putting people's life at risk (e.g., spreading 'anti-vaccines' misinformation). Therefore, it is of paramount importance for our society to have some sort of 'validation' on information spreading through OSN. The need for a wide-scale validation would greatly benefit from automatic tools. In this paper, we show that it is difficult to carry out an automatic classification of misinformation considering only structural properties of content propagation cascades. We focus on structural properties, because they would be inherently difficult to be manipulated, with the aim of circumventing classification systems. To support our claim, we carry out an extensive evaluation on Facebook posts belonging to conspiracy theories (representative of misinformation), and scientific news (representative of fact-checked content). Our findings show that conspiracy content reverberates in a way which is hard to distinguish from scientific content: For the classification mechanism we investigated, classification F-score never exceeds 0.7.
Going Beyond Counting First Authors in Author Co-citation Analysis
The present study examines one of the fundamental aspects of author co-citation analysis (ACA) - the way co-citation counts are defined. Co-citation counting provides the data on which all subsequent statistical analyses and mappings are based, and we compare ACA results based on two different types of co-citation counting - the traditional type that only counts the first one among a cited work's authors on the one hand and a non-traditional type that takes into account the first 5 authors of a cited work on the other hand. Results indicate that the picture produced through this non-traditional author co-citation counting contains more coherent author groups and is therefore considerably clearer. However, this picture represents fewer specialties in the research field being studied than that produced through the traditional first-author co-citation counting when the same number of top-ranked authors is selected and analyzed. Reasons for these effects are discussed.
