Visible to the public Biblio

Filters: Keyword is Resists  [Clear All Filters]
2021-09-21
Wang, Duanyi, Shu, Hui, Kang, Fei, Bu, Wenjuan.  2020.  A Malware Similarity Analysis Method Based on Network Control Structure Graph. 2020 IEEE 11th International Conference on Software Engineering and Service Science (ICSESS). :295–300.
Recently, graph-based malware similarity analysis has been widely used in the field of malware detection. However, the wide application of code obfuscation, polymorphism, and deformation changes the structure of malicious code, which brings great challenges to the malware similarity analysis. To solve these problems, in this paper, we present a new approach to malware similarity analysis based on the network control structure graph (NCSG). This method analyzed the behavior of malware by application program interface (API) association and constructed NCSG. The graph could reflect the command-and-control(C&C) logic of malware. Therefore, it can resist the interference of code obfuscation technology. The structural features extracted from NCSG will be used as the basis of similarity analysis for training the detection model. Finally, we tested the dataset constructed from five known malware family samples, and the experimental results showed that the accuracy of this method for malware variation analysis reached 92.75%. In conclusion, the malware similarity analysis based on NCSG has a strong application value for identifying the same family of malware.
2021-09-16
Rieger, Craig, Kolias, Constantinos, Ulrich, Jacob, McJunkin, Timothy R..  2020.  A Cyber Resilient Design for Control Systems. 2020 Resilience Week (RWS). :18–25.
The following topics are dealt with: security of data; distributed power generation; power engineering computing; power grids; power system security; computer network security; voltage control; risk management; power system measurement; critical infrastructures.
2021-08-31
Sun, Yanfei, Yu, Mengyuan, Wang, Junyu.  2020.  Research and Development of QR Code Steganography Based on JSteg Algorithm in DCT Domain. 2020 IEEE 15th International Conference on Solid-State Integrated Circuit Technology (ICSICT). :1—4.
Using steganography for data hiding is becoming a main subject to ensure both information security and picture quality. Traditional steganography algorithms usually convert secret information into a binary string and embed it in the pixel data of the cover image. In order to ensure the information security as well as convenient transmission, this work studies the steganography algorithm of embedding the QR code containing secret information into the cover image, based on the JSteg algorithm. Secret messages with different sizes have been tested by many cover images and standard parameters have adopted to verify the efficiency. According to the experimental results, all the PSNR in a value that is greater than 47.6 dB. The proposed method has high security and more imperceptibility.
2021-08-17
Shiwei, Huo, Yubo, Tang, Shaojun, Liu, Balin, Tian.  2020.  Security Analysis and Improvement of Identity-based Key Management Scheme for Airborne Ad Hoc Networks. 2020 IEEE Conference on Telecommunications, Optics and Computer Science (TOCS). :209–213.
An identity-based distributed key management scheme for airborne ad hoc networks is analyzed. It is demonstrated that in the generation phase of user private key, the user identity certificate is transmitted in the public channel, so that the attacker can use the intercepted identity certificate to fake the legitimate node and cheat the distributed key generation center to generate private key for it. Then, an improved authentication scheme is proposed. It constructs the signature of timestamp using the private key of the user node as authentication proof, so that the attacker can't forge the authentication information. It is showed that the improved scheme can effectively resist the forgery attack, and further reduce the computing cost of user nodes while realizing all the functions of the original scheme.
2021-08-03
Zhang, Yan, Li, Bing, Wang, Yazhou, Wu, Jiaxin, Yuan, Pengwei.  2020.  A Blockchain-based User Remote Autentication Scheme in IoT Systems Using Physical Unclonable Functions. 2020 IEEE 5th International Conference on Signal and Image Processing (ICSIP). :1100—1105.
Achieving efficient and secure accesses to real-time information from the designated IoT node is the fundamental key requirement for the applications of the Internet of Things. However, IoT nodes are prone to physical attacks, public channels reveal the sensitive information, and gateways that manage the IoT nodes suffer from the single-point failure, thereby causing the security and privacy problems. In this paper, a blockchain-based user remote authentication scheme using physical unclonable functions (PUFs) is proposed to overcome these problems. The PUFs provide physically secure identities for the IoT nodes and the blockchain acts as a distributed database to manage the key materials reliably for gateways. The security analysis is conducted and shows that our scheme realizes reliable security features and resists various attacks. Furthermore, a prototype was implemented to prove our scheme is efficient, scalable, and suitable for IoT scenarios.
2021-07-27
Zhang, Wei, Zhang, ZhiShuo, Wu, Yi.  2020.  Multi-Authority Attribute Based Encryption With Policy-hidden and Accountability. 2020 International Conference on Space-Air-Ground Computing (SAGC). :95—96.
In this paper, an attribute-based encryption scheme with policy hidden and key tracing under multi-authority is proposed. In our scheme, the access structure is embedded into the ciphertext implicitly and the attacker cannot gain user's private information by access structure. The key traceability is realized under multi-authority and collusion is prevented. Finally, based on the DBDH security model, it is proved that this scheme can resist the plaintext attack under the standard model.
2021-07-08
Su, Yishan, Zhang, Ting, Jin, Zhigang, Guo, Lei.  2020.  An Anti-Attack Trust Mechanism Based on Collaborative Spectrum Sensing for Underwater Acoustic Sensor Networks. Global Oceans 2020: Singapore – U.S. Gulf Coast. :1—5.
The main method for long-distance underwater communication is underwater acoustic communication(UAC). The bandwidth of UAC channel is narrow and the frequency band resources are scarce. Therefore, it is important to improve the frequency band utilization of UAC system. Cognitive underwater acoustic (CUA) technology is an important method. CUA network can share spectrum resources with the primary network. Spectrum sensing (SS) technology is the premise of realizing CUA. Therefore, improving the accuracy of spectral sensing is the main purpose of this paper. However, the realization of underwater SS technology still faces many difficulties. First, underwater energy supplies are scarce, making it difficult to apply complex algorithms. Second, and more seriously, CUA network can sometimes be attacked and exploited by hostile forces, which will not only lead to data leakage, but also greatly affect the accuracy of SS. In order to improve the utilization of underwater spectrum and avoid attack, an underwater spectrum sensing model based on the two-threshold energy detection method and K of M fusion decision method is established. Then, the trust mechanism based on beta function and XOR operation are proposed to combat individual attack and multi-user joint attack (MUJA) respectively. Finally, simulation result shows the effectiveness of these methods.
2021-06-28
Liu, Jia, Fu, Hongchuan, Chen, Yunhua, Shi, Zhiping.  2020.  A Trust-based Message Passing Algorithm against Persistent SSDF. 2020 IEEE 20th International Conference on Communication Technology (ICCT). :1112–1115.
As a key technology in cognitive radio, cooperative spectrum sensing has been paid more and more attention. In cooperative spectrum sensing, multi-user cooperative spectrum sensing can effectively alleviate the performance degradation caused by multipath effect and shadow fading, and improve the spectrum utilization. However, as there may be malicious users in the cooperative sensing users, sending forged false messages to the fusion center or neighbor nodes to mislead them to make wrong judgments, which will greatly reduce the spectrum utilization. To solve this problem, this paper proposes an intelligent anti spectrum sensing data falsification (SSDF) attack algorithm using trust-based non consensus message passing algorithm. In this scheme, only one perception is needed, and the historical propagation path of each message is taken as the basis to calculate the reputation of each cognitive user. Every time a node receives different messages from the same cognitive user, there must be malicious users in its propagation path. We reward the nodes that appear more times in different paths with reputation value, and punish the nodes that appear less. Finally, the real value of the tampered message is restored according to the calculated reputation value. The MATLAB results show that the proposed scheme has a high recovery rate for messages and can identify malicious users in the network at the same time.
2021-03-04
Yangchun, Z., Zhao, Y., Yang, J..  2020.  New Virus Infection Technology and Its Detection. 2020 IEEE 11th International Conference on Software Engineering and Service Science (ICSESS). :388—394.

Computer virus detection technology is an important basic security technology in the information age. The current detection technology has a high success rate for the detection of known viruses and known virus infection technologies, but the development of detection technology often lags behind the development of computer virus infection technology. Under Windows system, there are many kinds of file viruses, which change rapidly, and pose a continuous security threat to users. The research of new file virus infection technology can provide help for the development of virus detection technology. In this paper, a new virus infection technology based on dynamic binary analysis is proposed to execute file virus infection. Using the new virus infection technology, the infected executable file can be detected in the experimental environment. At the same time, this paper discusses the detection method of new virus infection technology. We hope to provide help for the development of virus detection technology from the perspective of virus design.

2021-03-01
Hynes, E., Flynn, R., Lee, B., Murray, N..  2020.  An Evaluation of Lower Facial Micro Expressions as an Implicit QoE Metric for an Augmented Reality Procedure Assistance Application. 2020 31st Irish Signals and Systems Conference (ISSC). :1–6.
Augmented reality (AR) has been identified as a key technology to enhance worker utility in the context of increasing automation of repeatable procedures. AR can achieve this by assisting the user in performing complex and frequently changing procedures. Crucial to the success of procedure assistance AR applications is user acceptability, which can be measured by user quality of experience (QoE). An active research topic in QoE is the identification of implicit metrics that can be used to continuously infer user QoE during a multimedia experience. A user's QoE is linked to their affective state. Affective state is reflected in facial expressions. Emotions shown in micro facial expressions resemble those expressed in normal expressions but are distinguished from them by their brief duration. The novelty of this work lies in the evaluation of micro facial expressions as a continuous QoE metric by means of correlation analysis to the more traditional and accepted post-experience self-reporting. In this work, an optimal Rubik's Cube solver AR application was used as a proof of concept for complex procedure assistance. This was compared with a paper-based procedure assistance control. QoE expressed by affect in normal and micro facial expressions was evaluated through correlation analysis with post-experience reports. The results show that the AR application yielded higher task success rates and shorter task durations. Micro facial expressions reflecting disgust correlated moderately to the questionnaire responses for instruction disinterest in the AR application.
2021-02-22
Li, Y., Liu, Y., Wang, Y., Guo, Z., Yin, H., Teng, H..  2020.  Synergetic Denial-of-Service Attacks and Defense in Underwater Named Data Networking. IEEE INFOCOM 2020 - IEEE Conference on Computer Communications. :1569–1578.
Due to the harsh environment and energy limitation, maintaining efficient communication is crucial to the lifetime of Underwater Sensor Networks (UWSN). Named Data Networking (NDN), one of future network architectures, begins to be applied to UWSN. Although Underwater Named Data Networking (UNDN) performs well in data transmission, it still faces some security threats, such as the Denial-of-Service (DoS) attacks caused by Interest Flooding Attacks (IFAs). In this paper, we present a new type of DoS attacks, named as Synergetic Denial-of-Service (SDoS). Attackers synergize with each other, taking turns to reply to malicious interests as late as possible. SDoS attacks will damage the Pending Interest Table, Content Store, and Forwarding Information Base in routers with high concealment. Simulation results demonstrate that the SDoS attacks quadruple the increased network traffic compared with normal IFAs and the existing IFA detection algorithm in UNDN is completely invalid to SDoS attacks. In addition, we analyze the infection problem in UNDN and propose a defense method Trident based on carefully designed adaptive threshold, burst traffic detection, and attacker identification. Experiment results illustrate that Trident can effectively detect and resist both SDoS attacks and normal IFAs. Meanwhile, Trident can robustly undertake burst traffic and congestion.
2021-02-08
Nisperos, Z. A., Gerardo, B., Hernandez, A..  2020.  Key Generation for Zero Steganography Using DNA Sequences. 2020 12th International Conference on Electronics, Computers and Artificial Intelligence (ECAI). :1–6.
Some of the key challenges in steganography are imperceptibility and resistance to detection of steganalysis algorithms. Zero steganography is an approach to data hiding such that the cover image is not modified. This paper focuses on the generation of stego-key, which is an essential component of this steganographic approach. This approach utilizes DNA sequences and shifting and flipping operations in its binary code representation. Experimental results show that the key generation algorithm has a low cracking probability. The algorithm satisfies the avalanche criterion.
2021-01-28
Wang, N., Song, H., Luo, T., Sun, J., Li, J..  2020.  Enhanced p-Sensitive k-Anonymity Models for Achieving Better Privacy. 2020 IEEE/CIC International Conference on Communications in China (ICCC). :148—153.

To our best knowledge, the p-sensitive k-anonymity model is a sophisticated model to resist linking attacks and homogeneous attacks in data publishing. However, if the distribution of sensitive values is skew, the model is difficult to defend against skew attacks and even faces sensitive attacks. In practice, the privacy requirements of different sensitive values are not always identical. The “one size fits all” unified privacy protection level may cause unnecessary information loss. To address these problems, the paper quantifies privacy requirements with the concept of IDF and concerns more about sensitive groups. Two enhanced anonymous models with personalized protection characteristic, that is, (p,αisg) -sensitive k-anonymity model and (pi,αisg)-sensitive k-anonymity model, are then proposed to resist skew attacks and sensitive attacks. Furthermore, two clustering algorithms with global search and local search are designed to implement our models. Experimental results show that the two enhanced models have outstanding advantages in better privacy at the expense of a little data utility.

2021-01-20
Li, M., Chang, H., Xiang, Y., An, D..  2020.  A Novel Anti-Collusion Audio Fingerprinting Scheme Based on Fourier Coefficients Reversing. IEEE Signal Processing Letters. 27:1794—1798.

Most anti-collusion audio fingerprinting schemes are aiming at finding colluders from the illegal redistributed audio copies. However, the loss caused by the redistributed versions is inevitable. In this letter, a novel fingerprinting scheme is proposed to eliminate the motivation of collusion attack. The audio signal is transformed to the frequency domain by the Fourier transform, and the coefficients in frequency domain are reversed in different degrees according to the fingerprint sequence. Different from other fingerprinting schemes, the coefficients of the host media are excessively modified by the proposed method in order to reduce the quality of the colluded version significantly, but the imperceptibility is well preserved. Experiments show that the colluded audio cannot be reused because of the poor quality. In addition, the proposed method can also resist other common attacks. Various kinds of copyright risks and losses caused by the illegal redistribution are effectively avoided, which is significant for protecting the copyright of audio.

2020-12-14
Dong, X., Kang, Q., Yao, Q., Lu, D., Xu, Y., Liu, J..  2020.  Towards Primary User Sybil-proofness for Online Spectrum Auction in Dynamic Spectrum Access. IEEE INFOCOM 2020 - IEEE Conference on Computer Communications. :1439–1448.
Dynamic spectrum access (DSA) is a promising platform to solve the spectrum shortage problem, in which auction based mechanisms have been extensively studied due to good spectrum allocation efficiency and fairness. Recently, Sybil attacks were introduced in DSA, and Sybil-proof spectrum auction mechanisms have been proposed, which guarantee that each single secondary user (SU) cannot obtain a higher utility under more than one fictitious identities. However, existing Sybil-poof spectrum auction mechanisms achieve only Sybil-proofness for SUs, but not for primary users (PUs), and simulations show that a cheating PU in those mechanisms can obtain a higher utility by Sybil attacks. In this paper, we propose TSUNAMI, the first Truthful and primary user Sybil-proof aUctioN mechAnisM for onlIne spectrum allocation. Specifically, we compute the opportunity cost of each SU and screen out cost-efficient SUs to participate in spectrum allocation. In addition, we present a bid-independent sorting method and a sequential matching approach to achieve primary user Sybil-proofness and 2-D truthfulness, which means that each SU or PU can gain her maximal utility by bidding with her true valuation of spectrum. We evaluate the performance and validate the desired properties of our proposed mechanism through extensive simulations.
2020-10-19
Hong, Bo, Chen, Jie, Zhang, Kai, Qian, Haifeng.  2019.  Multi-Authority Non-Monotonic KP-ABE With Cryptographic Reverse Firewall. IEEE Access. 7:159002–159012.
The revelations of Snowden show that hardware and software of devices may corrupt users' machine to compromise the security in various ways. To address this concern, Mironov and Stephen-Davidowitz introduce the Cryptographic Reverse Firewall (CRF) concept that is able to resist the ex-filtration of secret information for some compromised machine (Eurocrypt 2015). There are some applications of CRF deployed in many cryptosystems, but less studied and deployed in Attribute-Based Encryption (ABE) field, which attracts a wide range of attention and is employed in real-world scenarios (i.e., data sharing in cloud). In this work, we focus how to give a CRF security protection for a multi-authority ABE scheme and hence propose a multi-authority key-policy ABE scheme with CRF (acronym, MA-KP-ABE-CRF), which supports attribute distribution and non-monotonic access structure. To achieve this, beginning with revisiting a MA-KP-ABE with non-trivial combining non-monotonic formula, we then give the randomness of ciphertexts and secret keys with reverse firewall and give formal security analysis. Finally, we give a simulation on our MA-KP-ABE-CRF system based on Charm library whose the experimental results demonstrate practical efficiency.
2020-09-04
Subangan, S., Senthooran, V..  2019.  Secure Authentication Mechanism for Resistance to Password Attacks. 2019 19th International Conference on Advances in ICT for Emerging Regions (ICTer). 250:1—7.
Authentication is a process that provides access control of any type of computing applications by inspecting the user's identification with the database of authorized users. Passwords play the vital role in authentication mechanism to ensure the privacy of the information and avert from the illicit access. Password based authentication mechanism suffers from many password attacks such as shoulder surfing, brute forcing and dictionary attacks that crack the password of authentication schema by the adversary. Key Stroke technique, Click Pattern technique, Graphichical Password technique and Authentication panel are the several authentication techniques used to resist the password attacks in the literature. This research study critically reviews the types of password attacks and proposes a matrix based secure authentication mechanism which includes three phases namely, User generation phase, Matrix generation phase and Authentication phase to resist the existing password attacks. The performance measure of the proposed method investigates the results in terms existing password attacks and shows the good resistance to password attacks in any type of computing applications.
2020-07-24
Liu, Zechao, Jiang, Zoe L., Wang, Xuan, Wu, Yulin, Yiu, S.M..  2018.  Multi-Authority Ciphertext Policy Attribute-Based Encryption Scheme on Ideal Lattices. 2018 IEEE Intl Conf on Parallel Distributed Processing with Applications, Ubiquitous Computing Communications, Big Data Cloud Computing, Social Computing Networking, Sustainable Computing Communications (ISPA/IUCC/BDCloud/SocialCom/SustainCom). :1003—1008.
Ciphertext policy attribute-based encryption (CP-ABE) is a promising cryptographic technology that provides fine-grained access control as well as data confidentiality. It enables one sender to encrypt the data for more receivers, and to specify a policy on who can decrypt the ciphertext using his/her attributes alone. However, most existing ABE schemes are constructed on bilinear maps and they cannot resist quantum attacks. In this paper, we propose a multi-authority CP-ABE (MA-CPABE) scheme on ideal lattices which is still secure in post-quantum era. On one hand, multiple attribute authorities are required when user's attributes cannot be managed by a central authority. On the other hand, compared with generic lattice, the ideal lattice has extra algebraic structure and can be used to construct more efficient cryptographic applications. By adding some virtual attributes for each authority, our scheme can support flexible threshold access policy. Security analysis shows that the proposed scheme is secure against chosen plaintext attack (CPA) in the standard model under the ring learning with errors (R-LWE) assumption.
Zhang, Leyou, Liang, Pengfei, Mu, Yi.  2018.  Improving Privacy-Preserving and Security for Decentralized Key-Policy Attributed-Based Encryption. IEEE Access. 6:12736—12745.
Decentralized attribute-based encryption (ABE) is an efficient and flexible multi-authority attribute-based encryption system, since it does not requires the central authority and does not need to cooperate among the authorities for creating public parameters. Unfortunately, recent works show that the reality of the privacy preserving and security in almost well-known decentralized key policy ABE (KP-ABE) schemes are doubtful. How to construct a decentralized KP-ABE with the privacy-preserving and user collusion avoidance is still a challenging problem. Most recently, Y. Rahulamathavam et al. proposed a decentralized KP ABE scheme to try avoiding user collusion and preserving the user's privacy. However, we exploit the vulnerability of their scheme in this paper at first and present a collusion attack on their decentralized KP-ABE scheme. The attack shows the user collusion cannot be avoided. Subsequently, a new privacy-preserving decentralized KP-ABE is proposed. The proposed scheme avoids the linear attacks at present and achieves the user collusion avoidance. We also show that the security of the proposed scheme is reduced to decisional bilinear Diffie-Hellman assumption. Finally, numerical experiments demonstrate the efficiency and validity of the proposed scheme.
2020-02-24
Lisec, Thomas, Bodduluri, Mani Teja, Schulz-Walsemann, Arne-Veit, Blohm, Lars, Pieper, Isa, Gu-Stoppel, Shanshan, Niekiel, Florian, Lofink, Fabian, Wagner, Bernhard.  2019.  Integrated High Power Micro Magnets for MEMS Sensors and Actuators. 2019 20th International Conference on Solid-State Sensors, Actuators and Microsystems Eurosensors XXXIII (TRANSDUCERS EUROSENSORS XXXIII). :1768–1771.
Back-end-of-line compatible integration of NdFeB-based micro magnets onto 8 inch Si substrates is presented. Substrate conditioning procedures to enable further processing in a cleanroom environment are discussed. It is shown that permanent magnetic structures with lateral dimensions between 25μm and 2000μm and a depth up to 500μm can be fabricated reliably and reproducibly with a remanent magnetization of 340mT at a standard deviation as low as 5% over the substrate. To illustrate post-processing capabilities, the fabrication of micro magnet arrangements embedded in silicon frames is described.
2019-08-26
Gupta, D. S., Biswas, G. P., Nandan, R..  2018.  Security weakness of a lattice-based key exchange protocol. 2018 4th International Conference on Recent Advances in Information Technology (RAIT). :1–5.

A key exchange protocol is an important primitive in the field of information and network security and is used to exchange a common secret key among various parties. A number of key exchange protocols exist in the literature and most of them are based on the Diffie-Hellman (DH) problem. But, these DH type protocols cannot resist to the modern computing technologies like quantum computing, grid computing etc. Therefore, a more powerful non-DH type key exchange protocol is required which could resist the quantum and exponential attacks. In the year 2013, Lei and Liao, thus proposed a lattice-based key exchange protocol. Their protocol was related to the NTRU-ENCRYPT and NTRU-SIGN and so, was referred as NTRU-KE. In this paper, we identify that NTRU-KE lacks the authentication mechanism and suffers from the man-in-the-middle (MITM) attack. This attack may lead to the forging the authenticated users and exchanging the wrong key.

2019-02-22
Hu, D., Wang, L., Jiang, W., Zheng, S., Li, B..  2018.  A Novel Image Steganography Method via Deep Convolutional Generative Adversarial Networks. IEEE Access. 6:38303-38314.

The security of image steganography is an important basis for evaluating steganography algorithms. Steganography has recently made great progress in the long-term confrontation with steganalysis. To improve the security of image steganography, steganography must have the ability to resist detection by steganalysis algorithms. Traditional embedding-based steganography embeds the secret information into the content of an image, which unavoidably leaves a trace of the modification that can be detected by increasingly advanced machine-learning-based steganalysis algorithms. The concept of steganography without embedding (SWE), which does not need to modify the data of the carrier image, appeared to overcome the detection of machine-learning-based steganalysis algorithms. In this paper, we propose a novel image SWE method based on deep convolutional generative adversarial networks. We map the secret information into a noise vector and use the trained generator neural network model to generate the carrier image based on the noise vector. No modification or embedding operations are required during the process of image generation, and the information contained in the image can be extracted successfully by another neural network, called the extractor, after training. The experimental results show that this method has the advantages of highly accurate information extraction and a strong ability to resist detection by state-of-the-art image steganalysis algorithms.

2019-01-21
Yao, S., Niu, B., Liu, J..  2018.  Enhancing Sampling and Counting Method for Audio Retrieval with Time-Stretch Resistance. 2018 IEEE Fourth International Conference on Multimedia Big Data (BigMM). :1–5.

An ideal audio retrieval method should be not only highly efficient in identifying an audio track from a massive audio dataset, but also robust to any distortion. Unfortunately, none of the audio retrieval methods is robust to all types of distortions. An audio retrieval method has to do with both the audio fingerprint and the strategy, especially how they are combined. We argue that the Sampling and Counting Method (SC), a state-of-the-art audio retrieval method, would be promising towards an ideal audio retrieval method, if we could make it robust to time-stretch and pitch-stretch. Towards this objective, this paper proposes a turning point alignment method to enhance SC with resistance to time-stretch, which makes Philips and Philips-like fingerprints resist to time-stretch. Experimental results show that our approach can resist to time-stretch from 70% to 130%, which is on a par to the state-of-the-art methods. It also marginally improves the retrieval performance with various noise distortions.

2018-11-19
Lebeck, K., Ruth, K., Kohno, T., Roesner, F..  2017.  Securing Augmented Reality Output. 2017 IEEE Symposium on Security and Privacy (SP). :320–337.

Augmented reality (AR) technologies, such as Microsoft's HoloLens head-mounted display and AR-enabled car windshields, are rapidly emerging. AR applications provide users with immersive virtual experiences by capturing input from a user's surroundings and overlaying virtual output on the user's perception of the real world. These applications enable users to interact with and perceive virtual content in fundamentally new ways. However, the immersive nature of AR applications raises serious security and privacy concerns. Prior work has focused primarily on input privacy risks stemming from applications with unrestricted access to sensor data. However, the risks associated with malicious or buggy AR output remain largely unexplored. For example, an AR windshield application could intentionally or accidentally obscure oncoming vehicles or safety-critical output of other AR applications. In this work, we address the fundamental challenge of securing AR output in the face of malicious or buggy applications. We design, prototype, and evaluate Arya, an AR platform that controls application output according to policies specified in a constrained yet expressive policy framework. In doing so, we identify and overcome numerous challenges in securing AR output.

2017-12-12
Zheng, L., Xue, Y., Zhang, L., Zhang, R..  2017.  Mutual Authentication Protocol for RFID Based on ECC. 2017 IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing (EUC). 2:320–323.

In this paper, a mutual authentication protocol based on ECC is designed for RFID systems. This protocol is described in detail and the performance of this protocol is analyzed. The results show that the protocol has many advantages, such as mutual authentication, confidentiality, anonymity, availability, forward security, scalability and so on, which can resist camouflage attacks, tracking attacks, denial of service attacks, system internal attack.