Found 11770 results

[Anonymous].  Submitted.  Approximate Nearest Neighbor Search Based on Hierarchical Multi-Index Hashing.
Nowadays, hashing methods are widely used in large-scale approximate nearest neighbor search due to its efficient storage and fast retrieval speed. By these methods, the original data is usually hashed into binary codes which enables to measure the similarity by Hamming distance. When dealing with large-scale data, their binary codes can be used as direct indices in a hash table. However, codes longer than 32 bits are obviously not efficient. For the given binary codes, this paper proposes a multi-index hashing structure based on binary code substrings partitioning. Since substrings partitioning is essentially a combinatorial optimization problem, we propose a hierarchical and recursive partitioning approach to obtain an approximate solution to it. Furthermore, we adopt a query-adaptive fine-grained ranking approach in the neighbor search stage to alleviate the imbalance between multi-index tables. Finally, extensive experiments are conducted on two datasets MNIST and CIFAR-10, demonstrating that our method achieves state-of-the-art performance in terms of efficiency, precision and recall rate.
[Anonymous].  Submitted.  Breaking the Circuit-Size Barrier in Secret Sharing. STOC 2018.
{We study secret sharing schemes for general (non-threshold) access structures. A general secret sharing scheme for n parties is associated to a monotone function F:\0,1\n$\rightarrowłbrace$0,1\}. In such a scheme, a dealer distributes shares of a secret s among n parties. Any subset of parties T {$\subseteq$} [n] should be able to put together their shares and reconstruct the secret s if F(T)=1, and should have no information about s if F(T)=0. One of the major long-standing questions in information-theoretic cryptography is to minimize the (total) size of the shares in a secret-sharing scheme for arbitrary monotone functions F. There is a large gap between lower and upper bounds for secret sharing. The best known scheme for general F has shares of size 2n-o(n), but the best lower bound is {$Ømega$}(n2/logn). Indeed, the exponential share size is a direct result of the fact that in all known secret-sharing schemes, the share size grows with the size of a circuit (or formula, or monotone span program) for F. Indeed, several researchers have suggested the existence of a representation size barrier which implies that the right answer is closer to the upper bound, namely, 2n-o(n). In this work, we overcome this barrier by constructing a secret sharing scheme for any access structure with shares of size 20.994n and a linear secret sharing scheme for any access structure with shares of size 20.999n. As a contribution of independent interest, we also construct a secret sharing scheme with shares of size 2Õ({$\surd$}n) for 2n n/2 monotone access structures, out of a total of 2n n/2{$\cdot$} (1+O(logn/n)) of them. Our construction builds on recent works that construct better protocols for the conditional disclosure of secrets (CDS) problem.
[Anonymous].  Submitted.  Leakage Resilient Searchable Symmetric Encryption with Periodic Updation. {2019 3rd International Conference on Trends in Electronics and Informatics} (ICOEI).
Searchable symmetric encryption (SSE) scheme allows a data owner to perform search queries over encrypted documents using symmetric cryptography. SSE schemes are useful in cloud storage and data outsourcing. Most of the SSE schemes in existing literature have been proved to leak a substantial amount of information that can lead to an inference attack. This paper presents, a novel leakage resilient searchable symmetric encryption with periodic updation (LRSSEPU) scheme that minimizes extra information leakage, and prevents an untrusted cloud server from performing document mapping attack, query recovery attack and other inference attacks. In particular, the size of the keyword vector is fixed and the keywords are periodically permuted and updated to achieve minimum leakage. Furthermore, our proposed LRSSEPU scheme provides authentication of the query messages and restricts an adversary from performing a replay attack, forged query attack and denial of service attack. We employ a combination of identity-based cryptography (IBC) with symmetric key cryptography to reduce the computation cost and communication overhead. Our scheme is lightweight and easy to implement with very little communication overhead.
Hlyne, C. N. N., Zavarsky, P., Butakov, S..  Submitted.  SCAP benchmark for Cisco router security configuration compliance. 2015 10th International Conference for Internet Technology and Secured Transactions (ICITST). :270–276.
Information security management is time-consuming and error-prone. Apart from day-to-day operations, organizations need to comply with industrial regulations or government directives. Thus, organizations are looking for security tools to automate security management tasks and daily operations. Security Content Automation Protocol (SCAP) is a suite of specifications that help to automate security management tasks such as vulnerability measurement and policy compliance evaluation. SCAP benchmark provides detailed guidance on setting the security configuration of network devices, operating systems, and applications. Organizations can use SCAP benchmark to perform automated configuration compliance assessment on network devices, operating systems, and applications. This paper discusses SCAP benchmark components and the development of a SCAP benchmark for automating Cisco router security configuration compliance.
[Anonymous].  Submitted.  SDN Enabled Secure IoT Architecture. {2019 IFIP/IEEE} Symposium on Integrated Network and Service Management (IM).
The Internet of Things (IoT) is increasingly being used in applications ranging from precision agriculture to critical national infrastructure by deploying a large number of resource-constrained devices in hostile environments. These devices are being exploited to launch attacks in cyber systems. As a result, security has become a significant concern in the design of IoT based applications. In this paper, we present a security architecture for IoT networks by leveraging the underlying features supported by Software Defined Networks (SDN). Our security architecture restricts network access to authenticated IoT devices. We use fine granular policies to secure the flows in the IoT network infrastructure and provide a lightweight protocol to authenticate IoT devices. Such an integrated security approach involving authentication of IoT devices and enabling authorized flows can help to protect IoT networks from malicious IoT devices and attacks.
Torres, J.A., Roy, S., Wan, Y..  Submitted.  Sparse resource allocation for linear network spread dynamics. IEEE Transactions on Automatic Control. 62:1714–1728}year={2017.
Weerakkody, Sean, Ozel, Omur, Griffioen, Paul, Sinopoli, Bruno.  Submitted.  Active Detection for Exposing Intelligent Attacks in Control Systems. 1st IEEE Conference on Control Technology and Applications.
Ashiq Rahman, Ehab Al-Shaer.  Submitted.  Automated Synthesis of Resilient Network Access Controls: A Formal Framework with Refinement. IEEE Transactions of Parallel and Distributed Computing (TPDC),.

Due to the extensive use of network services and emerging security threats, enterprise networks deploy varieties of security devices for controlling resource access based on organizational security requirements. These requirements need fine-grained access control rules based on heterogeneous isolation patterns like access denial, trusted communication, and payload inspection. Organizations are also seeking for usable and optimal security configurations that can harden the network security within enterprise budget constraints. In order to design a security architecture, i.e., the distribution of security devices along with their security policies, that satisfies the organizational security requirements as well as the business constraints, it is required to analyze various alternative security architectures considering placements of network security devices in the network and the corresponding access controls. In this paper, we present an automated formal framework for synthesizing network security configurations. The main design alternatives include different kinds of isolation patterns for network traffic flows. The framework takes security requirements and business constraints along with the network topology as inputs. Then, it synthesizes cost-effective security configurations satisfying the constraints and provides placements of different security devices, optimally distributed in the network, according to the given network topology. In addition, we provide a hypothesis testing-based security architecture refinement mechanism that explores various security design alternatives using ConfigSynth and improves the security architecture by systematically increasing the security requirements. We demonstrate the execution of ConfigSynth and the refinement mechanism using case studies. Finally, we evaluate their scalability using simulated experiments.

A. Sturaro, S. Silvestri, M. Conti,, S. K. Das.  Submitted.  Characterizing Cascade Failures in Inter-Dependent Smart Grid Networks. IEEE Transactions on Smart Grid (Submitted in Oct 2017).
Anastasia Mavridou, Tamas Kecskes, Qishen Zhang, Janos Sztipanovits.  Submitted.  A Common Integrated Framework for Heterogeneous Modeling Services.

Under submission at 6th International Workshop on the Globalization of Modeling Language (GEMOC)

B. Zheng, C. W. Lin, S. Shiraishi, Q. Zhu.  Submitted.  Design and Analysis of Delay-Aware Intelligent Intersection Management. submitted to the ACM Transactions on Cyber-Physical Systems (TCPS).
B. Zheng, C. W. Lin, S. Shiraishi, Q. Zhu.  Submitted.  Design and Analysis of Delay-Aware Intelligent Intersection Management. submitted to the ACM Transactions on Cyber-Physical Systems (TCPS).
Honggang, Zhao, Chen, Shi, Leyu, Zhai.  Submitted.  Design and Implementation of Lightweight 6LoWPAN Gateway Based on Contiki - IEEE Conference Publication.

6LoWPAN technology realizes the IPv6 packet transmission in the IEEE 802.15.4 based WSN. And 6LoWPAN is regarded as one of the ideal technologies to realize the interconnection between WSN and Internet, which is the key to build the IoT. Contiki is an open source and highly portable multitasking operating system, in which the 6LoWPAN has been implemented. In contiki, only several K Bytes of code and a few hundred bytes of memory are required to provide a multitasking environment and built-in TCP/IP support. This makes it especially suitable for memory constrained embedded platforms. In this paper, a lightweight 6LoWPAN gateway based on Contiki is designed and its designs of hardware and software are described. A complex experiment environment is presented, in which the gateway's capability of accessing the Internet is verified, and its performance about the average network delay and jitter are analyzed. The experimental results show that the gateway designed in this paper can not only realize the interconnection between 6LoWPAN networks and Internet, but also have good network adaptability and stability.

Zhao, Yanbo, Ioannou, Petros A, Dessouky, Maged M.  Submitted.  Dynamic Multimodal Freight Routing using a Co-Simulation Optimization Approach. IEEE Transactions on Intelligent Transportation Systems.
Jansuwan, Sarawut, Ryu, Seungkyu, Freckleton, Derek, Chen, Anthony, Heaslip, Kevin.  Submitted.  An evaluation framework of an automated electric transportation system. Proceeding of the 92th Annual Meeting of the Transportation Research Board. 40