Visible to the public Biblio

Found 784 results

Filters: First Letter Of Last Name is K  [Clear All Filters]
A B C D E F G H I J [K] L M N O P Q R S T U V W X Y Z   [Show ALL]
Kassem, Ali, Ács, Gergely, Castelluccia, Claude, Palamidessi, Catuscia.  2019.  Differential Inference Testing: A Practical Approach to Evaluate Sanitizations of Datasets. 2019 IEEE Security and Privacy Workshops (SPW). :72—79.

In order to protect individuals' privacy, data have to be "well-sanitized" before sharing them, i.e. one has to remove any personal information before sharing data. However, it is not always clear when data shall be deemed well-sanitized. In this paper, we argue that the evaluation of sanitized data should be based on whether the data allows the inference of sensitive information that is specific to an individual, instead of being centered around the concept of re-identification. We propose a framework to evaluate the effectiveness of different sanitization techniques on a given dataset by measuring how much an individual's record from the sanitized dataset influences the inference of his/her own sensitive attribute. Our intent is not to accurately predict any sensitive attribute but rather to measure the impact of a single record on the inference of sensitive information. We demonstrate our approach by sanitizing two real datasets in different privacy models and evaluate/compare each sanitized dataset in our framework.

Kassem, Mohamed, Hasan, Cengis, Marina, Mahesh.  2016.  Decoupled Uplink/Downlink User Association in HetNets: A Matching with Contracts Approach. Proceedings of the 12th ACM Symposium on QoS and Security for Wireless and Mobile Networks. :19–28.

In light of the prevalent trend towards dense HetNets, the conventional coupled user association, where mobile device uses the same base station (BS) for both uplink and downlink traffic, is being questioned and the alternative and more general downlink/uplink decoupling paradigm is emerging. We focus on designing an effective user association mechanism for HetNets with downlink/uplink decoupling, which has started to receive more attention. We use a combination of matching theory and stochastic geometry. We model the problem as a matching with contracts game by drawing an analogy with the hospital-doctor matching problem. In our model, we use stochastic geometry to derive a closed-form expression for matching utility function. Our model captures different objectives between users in the uplink/downlink directions and also from the perspective of BSs. Based on this game model, we present a matching algorithm for decoupled uplink/downlink user association that results in a stable allocation. Simulation results demonstrate that our approach provides close-to-optimal performance, and significant gains over alternative approaches for user association in the decoupled context as well as the traditional coupled user association; these gains are a result of the holistic nature of our approach that accounts for the additional cost associated with decoupling and inter-dependence between uplink and downlink associations. Our work is also the first in the wireless communications domain to employ matching with contracts approach.

Kassim, Sarah, Megherbi, Ouerdia, Hamiche, Hamid, Djennoune, Saïd, Bettayeb, Maamar.  2019.  Speech encryption based on the synchronization of fractional-order chaotic maps. 2019 IEEE International Symposium on Signal Processing and Information Technology (ISSPIT). :1–6.
This work presents a new method of encrypting and decrypting speech based on a chaotic key generator. The proposed scheme takes advantage of the best features of chaotic systems. In the proposed method, the input speech signal is converted into an image which is ciphered by an encryption function using a chaotic key matrix generated from a fractional-order chaotic map. Based on a deadbeat observer, the exact synchronization of system used is established, and the decryption is performed. Different analysis are applied for analyzing the effectiveness of the encryption system. The obtained results confirm that the proposed system offers a higher level of security against various attacks and holds a strong key generation mechanism for satisfactory speech communication.
Kästner, Christian, Pfeffer, Jürgen.  2014.  Limiting Recertification in Highly Configurable Systems: Analyzing Interactions and Isolation Among Configuration Options. Proceedings of the 2014 Symposium and Bootcamp on the Science of Security. :23:1–23:2.

In highly configurable systems the configuration space is too big for (re-)certifying every configuration in isolation. In this project, we combine software analysis with network analysis to detect which configuration options interact and which have local effects. Instead of analyzing a system as Linux and SELinux for every combination of configuration settings one by one (>102000 even considering compile-time configurations only), we analyze the effect of each configuration option once for the entire configuration space. The analysis will guide us to designs separating interacting configuration options in a core system and isolating orthogonal and less trusted configuration options from this core.

Katarya, R., Lal, A..  2020.  A Study on Combating Emerging Threat of Deepfake Weaponization. 2020 Fourth International Conference on I-SMAC (IoT in Social, Mobile, Analytics and Cloud) (I-SMAC). :485—490.
A breakthrough in the emerging use of machine learning and deep learning is the concept of autoencoders and GAN (Generative Adversarial Networks), architectures that can generate believable synthetic content called deepfakes. The threat lies when these low-tech doctored images, videos, and audios blur the line between fake and genuine content and are used as weapons to cause damage to an unprecedented degree. This paper presents a survey of the underlying technology of deepfakes and methods proposed for their detection. Based on a detailed study of all the proposed models of detection, this paper presents SSTNet as the best model to date, that uses spatial, temporal, and steganalysis for detection. The threat posed by document and signature forgery, which is yet to be explored by researchers, has also been highlighted in this paper. This paper concludes with the discussion of research directions in this field and the development of more robust techniques to deal with the increasing threats surrounding deepfake technology.
Katasev, Alexey S., Emaletdinova, Lilia Yu., Kataseva, Dina V..  2018.  Neural Network Model for Information Security Incident Forecasting. 2018 International Conference on Industrial Engineering, Applications and Manufacturing (ICIEAM). :1—5.

This paper describes the technology of neural network application to solve the problem of information security incidents forecasting. We describe the general problem of analyzing and predicting time series in a graphical and mathematical setting. To solve this problem, it is proposed to use a neural network model. To solve the task of forecasting a time series of information security incidents, data are generated and described on the basis of which the neural network is trained. We offer a neural network structure, train the neural network, estimate it's adequacy and forecasting ability. We show the possibility of effective use of a neural network model as a part of an intelligent forecasting system.

Katasev, Alexey S., Emaletdinova, Lilia Yu., Kataseva, Dina V..  2018.  Neural Network Spam Filtering Technology. 2018 International Conference on Industrial Engineering, Applications and Manufacturing (ICIEAM). :1—5.

In this paper we solve the problem of neural network technology development for e-mail messages classification. We analyze basic methods of spam filtering such as a sender IP-address analysis, spam messages repeats detection and the Bayesian filtering according to words. We offer the neural network technology for solving this problem because the neural networks are universal approximators and effective in addressing the problems of classification. Also, we offer the scheme of this technology for e-mail messages “spam”/“not spam” classification. The creation of effective neural network model of spam filtering is performed within the databases knowledge discovery technology. For this training set is formed, the neural network model is trained, its value and classifying ability are estimated. The experimental studies have shown that a developed artificial neural network model is adequate and it can be effectively used for the e-mail messages classification. Thus, in this paper we have shown the possibility of the effective neural network model use for the e-mail messages filtration and have shown a scheme of artificial neural network model use as a part of the e-mail spam filtering intellectual system.

Kate, Abhilasha, Kamble, Satish, Bodkhe, Aishwarya, Joshi, Mrunal.  2018.  Conversion of Natural Language Query to SQL Query. 2018 Second International Conference on Electronics, Communication and Aerospace Technology (ICECA). :488—491.

This paper present an approach to automate the conversion of Natural Language Query to SQL Query effectively. Structured Query Language is a powerful tool for managing data held in a relational database management system. To retrieve or manage data user have to enter the correct SQL Query. But the users who don't have any knowledge about SQL are unable to retrieve the required data. To overcome this we proposed a model in Natural Language Processing for converting the Natural Language Query to SQL query. This helps novice user to get required content without knowing any complex details about SQL. This system can also deal with complex queries. This system is designed for Training and Placement cell officers who work on student database but don't have any knowledge about SQL. In this system, user can also enter the query using speech. System will convert speech into the text format. This query will get transformed to SQL query. System will execute the query and gives output to the user.

Kathiravelu, P., Chiesa, M., Marcos, P., Canini, M., Veiga, L..  2018.  Moving Bits with a Fleet of Shared Virtual Routers. 2018 IFIP Networking Conference (IFIP Networking) and Workshops. :1—9.

The steady decline of IP transit prices in the past two decades has helped fuel the growth of traffic demands in the Internet ecosystem. Despite the declining unit pricing, bandwidth costs remain significant due to ever-increasing scale and reach of the Internet, combined with the price disparity between the Internet's core hubs versus remote regions. In the meantime, cloud providers have been auctioning underutilized computing resources in their marketplace as spot instances for a much lower price, compared to their on-demand instances. This state of affairs has led the networking community to devote extensive efforts to cloud-assisted networks - the idea of offloading network functionality to cloud platforms, ultimately leading to more flexible and highly composable network service chains.We initiate a critical discussion on the economic and technological aspects of leveraging cloud-assisted networks for Internet-scale interconnections and data transfers. Namely, we investigate the prospect of constructing a large-scale virtualized network provider that does not own any fixed or dedicated resources and runs atop several spot instances. We construct a cloud-assisted overlay as a virtual network provider, by leveraging third-party cloud spot instances. We identify three use case scenarios where such approach will not only be economically and technologically viable but also provide performance benefits compared to current commercial offerings of connectivity and transit providers.

Katkar, V.D., Bhatia, D.S..  2014.  Lightweight approach for detection of denial of service attacks using numeric to binary preprocessing. Circuits, Systems, Communication and Information Technology Applications (CSCITA), 2014 International Conference on. :207-212.

Denial of Service (DoS) and Distributed Denial of Service (DDoS) attack, exhausts the resources of server/service and makes it unavailable for legitimate users. With increasing use of online services and attacks on these services, the importance of Intrusion Detection System (IDS) for detection of DoS/DDoS attacks has also grown. Detection accuracy & CPU utilization of Data mining based IDS is directly proportional to the quality of training dataset used to train it. Various preprocessing methods like normalization, discretization, fuzzification are used by researchers to improve the quality of training dataset. This paper evaluates the effect of various data preprocessing methods on the detection accuracy of DoS/DDoS attack detection IDS and proves that numeric to binary preprocessing method performs better compared to other methods. Experimental results obtained using KDD 99 dataset are provided to support the efficiency of proposed combination.

Katole, R. A., Sherekar, S. S., Thakare, V. M..  2018.  Detection of SQL injection attacks by removing the parameter values of SQL query. 2018 2nd International Conference on Inventive Systems and Control (ICISC). :736–741.

Internet users are increasing day by day. The web services and mobile web applications or desktop web application's demands are also increasing. The chances of a system being hacked are also increasing. All web applications maintain data at the backend database from which results are retrieved. As web applications can be accessed from anywhere all around the world which must be available to all the users of the web application. SQL injection attack is nowadays one of the topmost threats for security of web applications. By using SQL injection attackers can steal confidential information. In this paper, the SQL injection attack detection method by removing the parameter values of the SQL query is discussed and results are presented.

Katsikas, Sokratis K..  2017.  Cyber Security of the Autonomous Ship. Proceedings of the 3rd ACM Workshop on Cyber-Physical System Security. :55–56.
Katsini, Christina, Raptis, George E., Fidas, Christos, Avouris, Nikolaos.  2018.  Towards Gaze-Based Quantification of the Security of Graphical Authentication Schemes. Proceedings of the 2018 ACM Symposium on Eye Tracking Research & Applications. :17:1-17:5.

In this paper, we introduce a two-step method for estimating the strength of user-created graphical passwords based on the eye-gaze behaviour during password composition. First, the individuals' gaze patterns, represented by the unique fixations on each area of interest (AOI) and the total fixation duration per AOI, are calculated. Second, the gaze-based entropy of the individual is calculated. To investigate whether the proposed metric is a credible predictor of the password strength, we conducted two feasibility studies. Results revealed a strong positive correlation between the strength of the created passwords and the gaze-based entropy. Hence, we argue that the proposed gaze-based metric allows for unobtrusive prediction of the strength of the password a user is going to create and enables intervention to the password composition for helping users create stronger passwords.

Katsini, Christina, Belk, Marios, Fidas, Christos, Avouris, Nikolaos, Samaras, George.  2016.  Security and Usability in Knowledge-based User Authentication: A Review. Proceedings of the 20th Pan-Hellenic Conference on Informatics. :63:1–63:6.

This paper presents a comprehensive review of state-of-the-art research works in knowledge-based user authentication, covering the security and usability aspects of the most prominent user authentication schemes; text-, pin- and graphical-based. From the security perspective, we analyze current threats from a user and service provider perspective. Furthermore, based on current practices in authentication policies, we summarize and discuss their security strengths based on widely applied security metrics. From the usability point of view, we present and discuss the usability of each authentication scheme in regards with task performance and user experience. The analysis reveals that although a plethora of alternative user authentication schemes have been proposed in the literature and users interact differently with the various alternatives, online service providers do not yet adopt alternatives to text-based solutions. We further discuss and identify areas for further research and improved methodology with the aim to drive this research towards the design of sustainable, secure and usable authentication approaches.

Katt, Basel, Prasher, Nishu.  2018.  Quantitative Security Assurance Metrics: REST API Case Studies. Proceedings of the 12th European Conference on Software Architecture: Companion Proceedings. :59:1-59:7.

Security assurance is the confidence that a system meets its security requirements based on specific evidences that an assurance technique provide. The notion of measuring security is complex and tricky. Existing approaches either (1) consider one aspect of assurance, like security requirements fulfillment, or threat/vulnerability existence, or (2) do not consider the relevance of the different security requirements to the evaluated application context. Furthermore, they are mostly qualitative in nature and are heavily based on manual processing, which make them costly and time consuming. Therefore, they are not widely used and applied, especially by small and medium-sized enterprises (SME), which constitute the backbone of the Norwegian economy. In this paper, we propose a quantification method that aims at evaluating security assurance of systems by measuring (1) the level of confidence that the mechanisms fulfilling security requirements are present and (2) the vulnerabilities associated with possible security threats are absent. Additionally, an assurance evaluation process is proposed. Two case studies applying our method are presented. The case studies use our assurance method to evaluate the security level of two REST APIs developed by Statistics Norway, where one of the authors is employed. Analysis shows that the API with the most security mechanisms implemented got a slightly higher security assurance score. Security requirement relevance and vulnerability impact played a role in the overall scores.

Kattepur, Ajay, Dohare, Harshit, Mushunuri, Visali, Rath, Hemant Kumar, Simha, Anantha.  2016.  Resource Constrained Offloading in Fog Computing. Proceedings of the 1st Workshop on Middleware for Edge Clouds & Cloudlets. :1:1–1:6.

When focusing on the Internet of Things (IoT), communicating and coordinating sensor–actuator data via the cloud involves inefficient overheads and reduces autonomous behavior. The Fog Computing paradigm essentially moves the compute nodes closer to sensing entities by exploiting peers and intermediary network devices. This reduces centralized communication with the cloud and entails increased coordination between sensing entities and (possibly available) smart network gateway devices. In this paper, we analyze the utility of offloading computation among peers when working in fog based deployments. It is important to study the trade-offs involved with such computation offloading, as we deal with resource (energy, computation capacity) limited devices. Devices computing in a distributed environment may choose to locally compute part of their data and communicate the remainder to their peers. An optimization formulation is presented that is applied to various deployment scenarios, taking the computation and communication overheads into account. Our technique is demonstrated on a network of robotic sensor–actuators developed on the ROS (Robot Operating System) platform, that coordinate over the fog to complete a task. We demonstrate 77.8% latency and 54% battery usage improvements over large computation tasks, by applying this optimal offloading.

Katz, Jonathan, Shin, Ji Sun.  2005.  Modeling Insider Attacks on Group Key-exchange Protocols. Proceedings of the 12th ACM Conference on Computer and Communications Security. :180–189.

Protocols for authenticated key exchange (AKE) allow parties within an insecure network to establish a common session key which can then be used to secure their future communication. It is fair to say that group AKE is currently less well understood than the case of two-party AKE; in particular, attacks by malicious insiders –- a concern specific to the group setting –- have so far been considered only in a relatively "ad-hoc" fashion. The main contribution of this work is to address this deficiency by providing a formal, comprehensive model and definition of security for group AKE which automatically encompasses insider attacks. We do so by defining an appropriate ideal functionality for group AKE within the universal composability (UC) framework. As a side benefit, any protocol secure with respect to our definition is secure even when run concurrently with other protocols, and the key generated by any such protocol may be used securely in any subsequent application.In addition to proposing this definition, we show that the resulting notion of security is strictly stronger than the one proposed by Bresson, et al. (termed "AKE-security"), and that our definition implies all previously-suggested notions of security against insider attacks. We also show a simple technique for converting any AKE-secure protocol into one secure with respect to our definition.

Katz, Jonathan, Kolesnikov, Vladimir, Wang, Xiao.  2018.  Improved Non-Interactive Zero Knowledge with Applications to Post-Quantum Signatures. Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. :525–537.

Recent work, including ZKBoo, ZKB++, and Ligero, has developed efficient non-interactive zero-knowledge proofs of knowledge (NIZKPoKs) for Boolean circuits based on symmetric-key primitives alone, using the "MPC-in-the-head" paradigm of Ishai et al. We show how to instantiate this paradigm with MPC protocols in the preprocessing model; once optimized, this results in an NIZKPoK with shorter proofs (and comparable computation) as in prior work for circuits containing roughly 300–100,000 AND\textasciitildegates. In contrast to prior work, our NIZKPoK also supports witness-independent preprocessing, which allows the prover to shift most of its work to an offline phase before the witness is known. We use our NIZKPoK to construct a signature scheme based only on symmetric-key primitives (and hence with "post-quantum" security). The resulting scheme has shorter signatures than the scheme built using ZKB++ (and comparable signing/verification time), and is even competitive with hash-based signature schemes. To further highlight the flexibility and power of our NIZKPoK, we also use it to build efficient ring and group signatures based on symmetric-key primitives alone. To our knowledge, the resulting schemes are the most efficient constructions of these primitives that offer post-quantum security.

Kauffmann, David, Carmi, Golan.  2017.  E-collaboration of Virtual Teams: The Mediating Effect of Interpersonal Trust. Proceedings of the 2017 International Conference on E-Business and Internet. :45–49.
This study examines the relationship between task communication and relationship communication, and collaboration by exploring the mediating effect of interpersonal trust in a virtual team environment. A theoretical model was developed to examine this relationship where cognitive trust and affective trust are defined as mediation variables between communication and collaboration. The main results of this study show that firstly, there is a significant correlation with a large effect size between communication, trust, and collaboration. Secondly, interpersonal trust plays an important role as a mediator in the relationship between communication and collaboration, especially in relationship communication within virtual teams.
Kaul, Sonam Devgan, Hatzinakos, Dimitrios.  2019.  Learning Automata Based Secure Multi Agent RFID Authentication System. 2019 10th International Conference on Computing, Communication and Networking Technologies (ICCCNT). :1–7.
Radio frequency identification wireless sensing technology widely adopted and developed from last decade and has been utilized for monitoring and autonomous identification of objects. However, wider utilization of RFID technologies has introduced challenges such as preserving security and privacy of sensitive data while maintaining the high quality of service. Thus, in this work, we will deliberately build up a RFID system by utilizing learning automata based multi agent intelligent system to greatly enhance and secure message transactions and to improve operational efficiency. The incorporation of these two advancements and technological developments will provide maximum benefit in terms of expertly and securely handle data in RFID scenario. In proposed work, learning automata inbuilt RFID tags or assumed players choose their optimal strategy via enlarging its own utility function to achieve long term benefit. This is possible if they transmit their utility securely to back end server and then correspondingly safely get new utility function from server to behave optimally in its environment. Hence, our proposed authentication protocol, expertly transfer utility from learning automata inbuilt tags to reader and then to server. Moreover, we verify the security and privacy of our proposed system by utilizing automatic formal prover Scyther tool.
Kaur, A., Jain, S., Goel, S..  2017.  A Support Vector Machine Based Approach for Code Smell Detection. 2017 International Conference on Machine Learning and Data Science (MLDS). :9–14.

Code smells may be introduced in software due to market rivalry, work pressure deadline, improper functioning, skills or inexperience of software developers. Code smells indicate problems in design or code which makes software hard to change and maintain. Detecting code smells could reduce the effort of developers, resources and cost of the software. Many researchers have proposed different techniques like DETEX for detecting code smells which have limited precision and recall. To overcome these limitations, a new technique named as SVMCSD has been proposed for the detection of code smells, based on support vector machine learning technique. Four code smells are specified namely God Class, Feature Envy, Data Class and Long Method and the proposed technique is validated on two open source systems namely ArgoUML and Xerces. The accuracy of SVMCSD is found to be better than DETEX in terms of two metrics, precision and recall, when applied on a subset of a system. While considering the entire system, SVMCSD detect more occurrences of code smells than DETEX.

Kaur, Gaganjot, Gupta, Prinima.  2019.  Hybrid Approach for Detecting DDOS Attacks in Software Defined Networks. 2019 Twelfth International Conference on Contemporary Computing (IC3). :1–6.

In today's time Software Defined Network (SDN) gives the complete control to get the data flow in the network. SDN works as a central point to which data is administered centrally and traffic is also managed. SDN being open source product is more prone to security threats. The security policies are also to be enforced as it would otherwise let the controller be attacked the most. The attacks like DDOS and DOS attacks are more commonly found in SDN controller. DDOS is destructive attack that normally diverts the normal flow of traffic and starts the over flow of flooded packets halting the system. Machine Learning techniques helps to identify the hidden and unexpected pattern of the network and hence helps in analyzing the network flow. All the classified and unclassified techniques can help detect the malicious flow based on certain parameters like packet flow, time duration, accuracy and precision rate. Researchers have used Bayesian Network, Wavelets, Support Vector Machine and KNN to detect DDOS attacks. As per the review it's been analyzed that KNN produces better result as per the higher precision and giving a lower falser rate for detection. This paper produces better approach of hybrid Machine Learning techniques rather than existing KNN on the same data set giving more accuracy of detecting DDOS attacks on higher precision rate. The result of the traffic with both normal and abnormal behavior is shown and as per the result the proposed algorithm is designed which is suited for giving better approach than KNN and will be implemented later on for future.

Kaur, Gurpreet, Malik, Yasir, Samuel, Hamman, Jaafar, Fehmi.  2018.  Detecting Blind Cross-Site Scripting Attacks Using Machine Learning. Proceedings of the 2018 International Conference on Signal Processing and Machine Learning. :22–25.

Cross-site scripting (XSS) is a scripting attack targeting web applications by injecting malicious scripts into web pages. Blind XSS is a subset of stored XSS, where an attacker blindly deploys malicious payloads in web pages that are stored in a persistent manner on target servers. Most of the XSS detection techniques used to detect the XSS vulnerabilities are inadequate to detect blind XSS attacks. In this research, we present machine learning based approach to detect blind XSS attacks. Testing results help to identify malicious payloads that are likely to get stored in databases through web applications.

Kaur, Jagjot, Lindskog, Dale.  2016.  An Algorithm to Facilitate Intrusion Response in Mobile Ad Hoc Networks. Proceedings of the 9th International Conference on Security of Information and Networks. :124–128.

In this research paper, we describe an algorithm that could be implemented on an intrusion response system (IRS) designed specifically for mobile ad hoc networks (MANET). Designed to supplement a MANET's hierarchical intrusion detection system (IDS), this IRS and its associated algorithm would be implemented on the root node operating in such an IRS, and would rely on the optimized link state routing protocol (OLSR) to determine facts about the topology of the network, and use that determination to facilitate responding to network intrusions and attacks. The algorithm operates in a query-response mode, where the IRS function of the IDS root node queries the implemented algorithm, and the algorithm returns its response, formatted as an unordered list of nodes satisfying the query.

Kaur, Jagjot, Lindskog, Dale.  2016.  An Algorithm to Facilitate Intrusion Response in Mobile Ad Hoc Networks. Proceedings of the 9th International Conference on Security of Information and Networks. :124–128.

In this research paper, we describe an algorithm that could be implemented on an intrusion response system (IRS) designed specifically for mobile ad hoc networks (MANET). Designed to supplement a MANET's hierarchical intrusion detection system (IDS), this IRS and its associated algorithm would be implemented on the root node operating in such an IRS, and would rely on the optimized link state routing protocol (OLSR) to determine facts about the topology of the network, and use that determination to facilitate responding to network intrusions and attacks. The algorithm operates in a query-response mode, where the IRS function of the IDS root node queries the implemented algorithm, and the algorithm returns its response, formatted as an unordered list of nodes satisfying the query.