Visible to the public Biblio

Found 274 results

Filters: First Letter Of Title is L  [Clear All Filters]
A B C D E F G H I J K [L] M N O P Q R S T U V W X Y Z   [Show ALL]
L
Sultana, Nik, Kohlweiss, Markulf, Moore, Andrew W..  2016.  Light at the Middle of the Tunnel: Middleboxes for Selective Disclosure of Network Monitoring to Distrusted Parties. Proceedings of the 2016 Workshop on Hot Topics in Middleboxes and Network Function Virtualization. :1–6.

Network monitoring is vital to the administration and operation of networks, but it requires privileged access that only highly trusted parties are granted. This severely limits the opportunity for external parties, such as service or equipment providers, auditors, or even clients, to measure the health or operation of a network in which they are stakeholders, but do not have access to its internal structure. In this position paper we propose the use of middleboxes to open up network monitoring to external parties using privacy-preserving technology. This will allow distrusted parties to make more inferences about the network state than currently possible, without learning any precise information about the network or the data that crosses it. Thus the state of the network will be more transparent to external stakeholders, who will be empowered to verify claims made by network operators. Network operators will be able to provide more information about their network without compromising security or privacy.

Alomari, Mohammad Ahmed, Hafiz Yusoff, M., Samsudin, Khairulmizam, Ahmad, R. Badlishah.  2019.  Light Database Encryption Design Utilizing Multicore Processors for Mobile Devices. 2019 IEEE 15th International Colloquium on Signal Processing Its Applications (CSPA). :254–259.

The confidentiality of data stored in embedded and handheld devices has become an urgent necessity more than ever before. Encryption of sensitive data is a well-known technique to preserve their confidentiality, however it comes with certain costs that can heavily impact the device processing resources. Utilizing multicore processors, which are equipped with current embedded devices, has brought a new era to enhance data confidentiality while maintaining suitable device performance. Encrypting the complete storage area, also known as Full Disk Encryption (FDE) can still be challenging, especially with newly emerging massive storage systems. Alternatively, since the most user sensitive data are residing inside persisting databases, it will be more efficient to focus on securing SQLite databases, through encryption, where SQLite is the most common RDBMS in handheld and embedded systems. This paper addresses the problem of ensuring data protection in embedded and mobile devices while maintaining suitable device performance by mitigating the impact of encryption. We presented here a proposed design for a parallel database encryption system, called SQLite-XTS. The proposed system encrypts data stored in databases transparently on-the-fly without the need for any user intervention. To maintain a proper device performance, the system takes advantage of the commodity multicore processors available with most embedded and mobile devices.

Judmayer, Aljosha, Ullrich, Johanna, Merzdovnik, Georg, Voyiatzis, Artemios G., Weippl, Edgar.  2017.  Lightweight Address Hopping for Defending the IPv6 IoT. Proceedings of the 12th International Conference on Availability, Reliability and Security. :20:1–20:10.
The rapid deployment of IoT systems on the public Internet is not without concerns for the security and privacy of consumers. Security in IoT systems is often poorly engineered and engineering for privacy does notseemtobea concern for vendors at all. Thecombination of poor security hygiene and access to valuable knowledge renders IoT systems a much-sought target for attacks. IoT systems are not only Internet-accessible but also play the role of servers according to the established client-server communication model and are thus configured with static and/or easily predictable IPv6 addresses, rendering them an easy target for attacks. We present 6HOP, a novel addressing scheme for IoT devices. Our proposal is lightweight in operation, requires minimal administration overhead, and defends against reconnaissance attacks, address based correlation as well as denial-of-service attacks. 6HOP therefore exploits the ample address space available in IPv6 networks and provides effective protection this way.
Islam, S., Welzl, M., Gjessing, S..  2018.  Lightweight and flexible single-path congestion control coupling. NOMS 2018 - 2018 IEEE/IFIP Network Operations and Management Symposium. :1—6.

Communication between two Internet hosts using parallel connections may result in unwanted interference between the connections. In this dissertation, we propose a sender-side solution to address this problem by letting the congestion controllers of the different connections collaborate, correctly taking congestion control logic into account. Real-life experiments and simulations show that our solution works for a wide variety of congestion control mechanisms, provides great flexibility when allocating application traffic to the connections, and results in lower queuing delay and less packet loss.

Yang, B., Xu, G., Zeng, X., Liu, J., Zhang, Y..  2018.  A Lightweight Anonymous Mobile User Authentication Scheme for Smart Grid. 2018 IEEE SmartWorld, Ubiquitous Intelligence Computing, Advanced Trusted Computing, Scalable Computing Communications, Cloud Big Data Computing, Internet of People and Smart City Innovation (SmartWorld/SCALCOM/UIC/ATC/CBDCom/IOP/SCI). :821-827.

Smart Grid (SG) technology has been developing for years, which facilitates users with portable access to power through being applied in numerous application scenarios, one of which is the electric vehicle charging. In order to ensure the security of the charging process, users need authenticating with the smart meter for the subsequent communication. Although there are many researches in this field, few of which have endeavored to protect the anonymity and the untraceability of users during the authentication. Further, some studies consider the problem of user anonymity, but they are non-light-weight protocols, even some can not assure any fairness in key agreement. In this paper, we first points out that existing authentication schemes for Smart Grid are neither lack of critical security nor short of important property such as untraceability, then we propose a new two-factor lightweight user authentication scheme based on password and biometric. The authentication process of the proposed scheme includes four message exchanges among the user mobile, smart meter and the cloud server, and then a security one-time session key is generated for the followed communication process. Moreover, the scheme has some new features, such as the protection of the user's anonymity and untraceability. Security analysis shows that our proposed scheme can resist various well-known attacks and the performance analysis shows that compared to other three schemes, our scheme is more lightweight, secure and efficient.

Katkar, V.D., Bhatia, D.S..  2014.  Lightweight approach for detection of denial of service attacks using numeric to binary preprocessing. Circuits, Systems, Communication and Information Technology Applications (CSCITA), 2014 International Conference on. :207-212.


Denial of Service (DoS) and Distributed Denial of Service (DDoS) attack, exhausts the resources of server/service and makes it unavailable for legitimate users. With increasing use of online services and attacks on these services, the importance of Intrusion Detection System (IDS) for detection of DoS/DDoS attacks has also grown. Detection accuracy & CPU utilization of Data mining based IDS is directly proportional to the quality of training dataset used to train it. Various preprocessing methods like normalization, discretization, fuzzification are used by researchers to improve the quality of training dataset. This paper evaluates the effect of various data preprocessing methods on the detection accuracy of DoS/DDoS attack detection IDS and proves that numeric to binary preprocessing method performs better compared to other methods. Experimental results obtained using KDD 99 dataset are provided to support the efficiency of proposed combination.
 

Yang, Wenti, Wang, Ruimiao, Guan, Zhitao, Wu, Longfei, Du, Xiaojiang, Guizani, Mohsen.  2020.  A Lightweight Attribute Based Encryption Scheme with Constant Size Ciphertext for Internet of Things. ICC 2020 - 2020 IEEE International Conference on Communications (ICC). :1—6.

The Internet of Things technology has been used in a wide range of fields, ranging from industrial applications to individual lives. As a result, a massive amount of sensitive data is generated and transmitted by IoT devices. Those data may be accessed by a large number of complex users. Therefore, it is necessary to adopt an encryption scheme with access control to achieve more flexible and secure access to sensitive data. The Ciphertext Policy Attribute-Based Encryption (CP-ABE) can achieve access control while encrypting data can match the requirements mentioned above. However, the long ciphertext and the slow decryption operation makes it difficult to be used in most IoT devices which have limited memory size and computing capability. This paper proposes a modified CP-ABE scheme, which can implement the full security (adaptive security) under the access structure of AND gate. Moreover, the decryption overhead and the length of ciphertext are constant. Finally, the analysis and experiments prove the feasibility of our scheme.

Harttung, Julian, Franz, Elke, Moriam, Sadia, Walther, Paul.  2019.  Lightweight Authenticated Encryption for Network-on-Chip Communications. Proceedings of the 2019 on Great Lakes Symposium on VLSI. :33–38.
In recent years, Network-on-Chip (NoC) has gained increasing popularity as a promising solution for the challenging interconnection problem in multi-processor systems-on-chip (MPSoCs). However, the interest of adversaries to compromise such systems grew accordingly, mandating the integration of security measures into NoC designs. Within this paper, we introduce three novel lightweight approaches for securing communication in NoCs. The suggested solutions combine encryption, authentication, and network coding in order to ensure confidentiality, integrity, and robustness. With performance being critical in NoC environments, our solutions particularly emphasize low latencies and low chip area. Our approaches were evaluated through extensive software simulations. The results have shown that the performance degradation induced by the protection measures is clearly outweighed by the aforementioned benefits. Furthermore, the area overhead implied by the additional components is reasonably low.
Lavanya, Natarajan.  2016.  Lightweight Authentication for COAP Based IOT. Proceedings of the 6th International Conference on the Internet of Things. :167–168.

Security of Constrained application protocol(COAP) used instead of HTTP in Internet of Thing s(IoT) is achieved using DTLS which uses the Internet key exchange protocol for key exchange and management. In this work a novel key exchange and authentication protocol is proposed. CLIKEv2 protcol is a certificate less and light weight version of the existing protocol. The protocol design is tested with the formal protcol verification tool Scyther, where no named attacks are identified for the propsed protocol. Compared to the existing IKE protocol the CLIKEv2 protocol reduces the computation time, key sizes and ultimately reduces energy consumption.

Bauer, Sergei, Brunner, Martin, Schartner, Peter.  2019.  Lightweight Authentication for Low-End Control Units with Hardware Based Individual Keys. 2019 Third IEEE International Conference on Robotic Computing (IRC). :425–426.

In autonomous driving, security issues from robotic and automotive applications are converging toward each other. A novel approach for deriving secret keys using a lightweight cipher in the firmware of low-end control units is introduced. By evaluating the method on a typical low-end automotive platform, we demonstrate the reusability of the cipher for message authentication. The proposed solution counteracts a known security issue in the robotics and automotive domain.

Mousa, Ahmed Refaat, NourElDeen, Pakinam, Azer, Marianne, Allam, Mahmoud.  2016.  Lightweight Authentication Protocol Deployment over FlexRay. Proceedings of the 10th International Conference on Informatics and Systems. :233–239.

In-vehicle network security is becoming a major concern for the automotive industry. Although there is significant research done in this area, there is still a significant gap between research and what is actually applied in practice. Controller area network (CAN) gains the most concern of community but little attention is given to FlexRay. Many signs indicate the approaching end of CAN usage and starting with other promising technologies. FlexRay is considered one of the main players in the near future. We believe that migration era is near enough to change our mindset in order to supply industry with complete and mature security proposals with FlexRay. This changing mindset is important to fix the lagging issue appeared in CAN between research and industry. Then, we provide a complete migration of CAN authentication protocol towards FlexRay shows the availability of the protocol over different technologies.

Roselin, A. G., Nanda, P., Nepal, S..  2017.  Lightweight Authentication Protocol (LAUP) for 6LoWPAN Wireless Sensor Networks. 2017 IEEE Trustcom/BigDataSE/ICESS. :371–378.

6LoWPAN networks involving wireless sensors consist of resource starving miniature sensor nodes. Since secured authentication of these resource-constrained sensors is one of the important considerations during communication, use of asymmetric key distribution scheme may not be the perfect choice to achieve secure authentication. Recent research shows that Lucky Thirteen attack has compromised Datagram Transport Layer Security (DTLS) with Cipher Block Chaining (CBC) mode for key establishment. Even though EAKES6Lo and S3K techniques for key establishment follow the symmetric key establishment method, they strongly rely on a remote server and trust anchor for secure key distribution. Our proposed Lightweight Authentication Protocol (LAUP) used a symmetric key method with no preshared keys and comprised of four flights to establish authentication and session key distribution between sensors and Edge Router in a 6LoWPAN environment. Each flight uses freshly derived keys from existing information such as PAN ID (Personal Area Network IDentification) and device identities. We formally verified our scheme using the Scyther security protocol verification tool for authentication properties such as Aliveness, Secrecy, Non-Injective Agreement and Non-Injective Synchronization. We simulated and evaluated the proposed LAUP protocol using COOJA simulator with ContikiOS and achieved less computational time and low power consumption compared to existing authentication protocols such as the EAKES6Lo and SAKES.

Huang, Jheng-Jia, Juang, Wen-Shenq, Fan, Chun-I, Tseng, Yi-Fan, Kikuchi, Hiroaki.  2016.  Lightweight Authentication Scheme with Dynamic Group Members in IoT Environments. Adjunct Proceedings of the 13th International Conference on Mobile and Ubiquitous Systems: Computing Networking and Services. :88–93.

In IoT environments, the user may have many devices to connect each other and share the data. Also, the device will not have the powerful computation and storage ability. Many studies have focused on the lightweight authentication between the cloud server and the client in this environment. They can use the cloud server to help sensors or proxies to finish the authentication. But in the client side, how to create the group session key without the cloud capability is the most important issue in IoT environments. The most popular application network of IoT environments is the wireless body area network (WBAN). In WBAN, the proxy usually needs to control and monitor user's health data transmitted from the sensors. In this situation, the group authentication and group session key generation is needed. In this paper, in order to provide an efficient and robust group authentication and group session key generation in the client side of IoT environments, we propose a lightweight authentication scheme with dynamic group members in IoT environments. Our proposed scheme can satisfy the properties including the flexible generation of shared group keys, the dynamic participation, the active revocation, the low communication and computation cost, and no time synchronization problem. Also our scheme can achieve the security requirements including the mutual authentication, the group session key agreement, and prevent all various well-known attacks.

Fitwi, Alem, Chen, Yu, Zhu, Sencun.  2019.  A Lightweight Blockchain-Based Privacy Protection for Smart Surveillance at the Edge. 2019 IEEE International Conference on Blockchain (Blockchain). :552—555.

Witnessing the increasingly pervasive deployment of security video surveillance systems(VSS), more and more individuals have become concerned with the issues of privacy violations. While the majority of the public have a favorable view of surveillance in terms of crime deterrence, individuals do not accept the invasive monitoring of their private life. To date, however, there is not a lightweight and secure privacy-preserving solution for video surveillance systems. The recent success of blockchain (BC) technologies and their applications in the Internet of Things (IoT) shed a light on this challenging issue. In this paper, we propose a Lightweight, Blockchain-based Privacy protection (Lib-Pri) scheme for surveillance cameras at the edge. It enables the VSS to perform surveillance without compromising the privacy of people captured in the videos. The Lib-Pri system transforms the deployed VSS into a system that functions as a federated blockchain network capable of carrying out integrity checking, blurring keys management, feature sharing, and video access sanctioning. The policy-based enforcement of privacy measures is carried out at the edge devices for real-time video analytics without cluttering the network.

Yoshikawa, Masaya, Nozaki, Yusuke.  2018.  Lightweight Cipher Aware Countermeasure Using Random Number Masks and Its Evaluation. Proceedings of the 2Nd International Conference on Vision, Image and Signal Processing. :55:1-55:5.

Recent advancements in the Internet of Things (IoT) technology has left built-in devices vulnerable to interference from external networks. Power analysis attacks against cryptographic circuits are of particular concern, as they operate by illegally analyzing confidential information via power consumption of a cryptographic circuit. In response to these threats, many researchers have turned to lightweight ciphers, which can be embedded in small-scale circuits, coupled with countermeasures to increase built-in device security, even against power analysis attacks. However, while researchers have examined the efficacy of embedding lightweight ciphers in circuits, neither cost nor tamper resistance have been considered in detail. To use lightweight ciphers and improve tamper resistance in the future, it is necessary to investigate the relationship between the cost of embedding a lightweight cipher with a countermeasure against power analysis in a circuit and the tamper resistance of the cipher. Accordingly, the present study determined the tamper resistance of TWINE, a typical lightweight cipher, both with and without a countermeasure; costs were calculated for embedding the cipher with and without a countermeasure as well.

Castiglione, Arcangelo, Palmieri, Francesco, Colace, Francesco, Lombardi, Marco, Santaniello, Domenico.  2019.  Lightweight Ciphers in Automotive Networks: A Preliminary Approach. 2019 4th International Conference on System Reliability and Safety (ICSRS). :142–147.
Nowadays, the growing need to connect modern vehicles through computer networks leads to increased risks of cyberattacks. The internal network, which governs the several electronic components of a vehicle, is becoming increasingly overexposed to external attacks. The Controller Area Network (CAN) protocol, used to interconnect those devices is the key point of the internal network of modern vehicles. Therefore, securing such protocol is crucial to ensure a safe driving experience. However, the CAN is a standard that has undergone little changes since it was introduced in 1983. More precisely, in an attempt to reduce latency, the transfer of information remains unencrypted, which today represents a weak point in the protocol. Hence, the need to protect communications, without introducing low-level alterations, while preserving the performance characteristics of the protocol. In this work, we investigate the possibility of using symmetric encryption algorithms for securing messages exchanged by CAN protocol. In particular, we evaluate the using of lightweight ciphers to secure CAN-level communication. Such ciphers represent a reliable solution on hardware-constrained devices, such as microcontrollers.
Chi, Po-Wen, Wang, Ming-Hung.  2018.  A Lightweight Compound Defense Framework Against Injection Attacks in IIoT. 2018 IEEE Conference on Dependable and Secure Computing (DSC). :1–8.
Industrial Internet of Things (IIoT) is a trend of the smart industry. By collecting field data from sensors, the industry can make decisions dynamically in time for better performance. In most cases, IIoT is built on private networks and cannot be reached from the Internet. Currently, data transmission in most of IIoT network protocols is in plaintext without encryption protection. Once an attacker breaks into the field, the attacker can intercept data and injects malicious commands to field agents. In this paper, we propose a compound approach for defending command injection attacks in IIOT. First, we leverage the power of Software Defined Networking (SDN) to detect the injection attack. When the injection attack event is detected, the system owner is alarmed that someone tries to pretend a controller or a field agent to deceive the other entity. Second, we develop a lightweight authentication scheme to ensure the identity of the command sender. Command receiver can verify commands first before processing commands.
Jiaqi Yan, Illinois Institute of Technology, Dong Jin, Illinois Institute of Technology.  2016.  A Lightweight Container-based Virtual Time System for Software-defined Network Emulation. Journal of Simulation.

Container-based network emulation offers high fidelity and a scalable testing environment to bridge the gap between research ideas and real-world network applications. However, containers take their notions of time from the physical system clock, and thus the time-stamped events from different containers are multiplexed to reflect the scheduling serialization by the Linux operating system. Conjoining the emulator and other simulators is also challenging due to the difficulties of synchronizing the virtual simulation clock with the physical system clock. Virtual time systems for network emulation shed light on both issues. In this paper, we develop a lightweight container-based virtual time system in Linux Kernel. We use time dilation to trade time with system resources by precisely scaling the time of interactions between containers and physical devices. We develop a time freezer to enable the precise pause and resume of an emulation experiment, which offers the virtual time support to interface with simulators for close synchronization. We integrate the virtual time system into a software-defined networking emulator, Mininet, and evaluate the system accuracy, scalability, and overhead. Finally, we use the virtual-time-enabled emulation testbed to conduct a case study of equal-cost multi-path routing protocol analysis in a data center network.

Lyu, L..  2020.  Lightweight Crypto-Assisted Distributed Differential Privacy for Privacy-Preserving Distributed Learning. 2020 International Joint Conference on Neural Networks (IJCNN). :1–8.
The appearance of distributed learning allows multiple participants to collaboratively train a global model, where instead of directly releasing their private training data with the server, participants iteratively share their local model updates (parameters) with the server. However, recent attacks demonstrate that sharing local model updates is not sufficient to provide reasonable privacy guarantees, as local model updates may result in significant privacy leakage about local training data of participants. To address this issue, in this paper, we present an alternative approach that combines distributed differential privacy (DDP) with a three-layer encryption protocol to achieve a better privacy-utility tradeoff than the existing DP-based approaches. An unbiased encoding algorithm is proposed to cope with floating-point values, while largely reducing mean squared error due to rounding. Our approach dispenses with the need for any trusted server, and enables each party to add less noise to achieve the same privacy and similar utility guarantees as that of the centralized differential privacy. Preliminary analysis and performance evaluation confirm the effectiveness of our approach, which achieves significantly higher accuracy than that of local differential privacy approach, and comparable accuracy to the centralized differential privacy approach.
Biswas, Swarnendu, Cao, Man, Zhang, Minjia, Bond, Michael D., Wood, Benjamin P..  2017.  Lightweight Data Race Detection for Production Runs. Proceedings of the 26th International Conference on Compiler Construction. :11–21.

To detect data races that harm production systems, program analysis must target production runs. However, sound and precise data race detection adds too much run-time overhead for use in production systems. Even existing approaches that provide soundness or precision incur significant limitations. This work addresses the need for soundness (no missed races) and precision (no false races) by introducing novel, efficient production-time analyses that address each need separately. (1) Precise data race detection is useful for developers, who want to fix bugs but loathe false positives. We introduce a precise analysis called RaceChaser that provides low, bounded run-time overhead. (2) Sound race detection benefits analyses and tools whose correctness relies on knowledge of all potential data races. We present a sound, efficient approach called Caper that combines static and dynamic analysis to catch all data races in observed runs. RaceChaser and Caper are useful not only on their own; we introduce a framework that combines these analyses, using Caper as a sound filter for precise data race detection by RaceChaser. Our evaluation shows that RaceChaser and Caper are efficient and effective, and compare favorably with existing state-of-the-art approaches. These results suggest that RaceChaser and Caper enable practical data race detection that is precise and sound, respectively, ultimately leading to more reliable software systems.

Noura, Hassan, Chehab, Ali, Couturier, Raphael.  2019.  Lightweight Dynamic Key-Dependent and Flexible Cipher Scheme for IoT Devices. 2019 IEEE Wireless Communications and Networking Conference (WCNC). :1–8.

Security attacks against Internet of Things (IoT) are on the rise and they lead to drastic consequences. Data confidentiality is typically based on a strong symmetric-key algorithm to guard against confidentiality attacks. However, there is a need to design an efficient lightweight cipher scheme for a number of applications for IoT systems. Recently, a set of lightweight cryptographic algorithms have been presented and they are based on the dynamic key approach, requiring a small number of rounds to minimize the computation and resource overhead, without degrading the security level. This paper follows this logic and provides a new flexible lightweight cipher, with or without chaining operation mode, with a simple round function and a dynamic key for each input message. Consequently, the proposed cipher scheme can be utilized for real-time applications and/or devices with limited resources such as Multimedia Internet of Things (MIoT) systems. The importance of the proposed solution is that it produces dynamic cryptographic primitives and it performs the mixing of selected blocks in a dynamic pseudo-random manner. Accordingly, different plaintext messages are encrypted differently, and the avalanche effect is also preserved. Finally, security and performance analysis are presented to validate the efficiency and robustness of the proposed cipher variants.

Kotel, Sonia, Zeghid, Medien, Machhout, Mohsen, Tourki, Rached.  2017.  Lightweight Encryption Algorithm Based on Modified XTEA for Low-Resource Embedded Devices. Proceedings of the 21st International Database Engineering & Applications Symposium. :192–199.

The number of resource-limited wireless devices utilized in many areas of Internet of Things is growing rapidly; there is a concern about privacy and security. Various lightweight block ciphers are proposed; this work presents a modified lightweight block cipher algorithm. A Linear Feedback Shift Register is used to replace the key generation function in the XTEA1 Algorithm. Using the same evaluation conditions, we analyzed the software implementation of the modified XTEA using FELICS (Fair Evaluation of Lightweight Cryptographic Systems) a benchmarking framework which calculates RAM footprint, ROM occupation and execution time on three largely used embedded devices: 8-bit AVR microcontroller, 16-bit MSP microcontroller and 32-bit ARM microcontroller. Implementation results show that it provides less software requirements compared to original XTEA. We enhanced the security level and the software performance.

Xie, Xiongwei, Wang, Weichao.  2016.  Lightweight Examination of DLL Environments in Virtual Machines to Detect Malware. Proceedings of the 4th ACM International Workshop on Security in Cloud Computing. :10–16.

Since it becomes increasingly difficult to trick end users to install and run executable files from unknown sources, attackers refer to stealthy ways such as manipulation of DLL (Dynamic Link Library) files to compromise user computers. In this paper, we propose to develop mechanisms that allow the hypervisor to conduct lightweight examination of DLL files and their running environment in guest virtual machines. Different from the approaches that focus on static analysis of the DLL API calling graphs, our mechanisms conduct continuous examination of their running states. In this way, malicious manipulations to DLL files that happen after they are loaded into memory can also be detected. In order to maintain non-intrusive monitoring and reduce the impacts on VM performance, we avoid examinations of the complete DLL file contents but focus on the parameters such as the relative virtual addresses (RVA) of the functions. We have implemented our approach in Xen and conducted experiments with more than 100 malware of different types. The experiment results show that our approach can effectively detect the malware with very low increases in overhead at guest VMs.

Salman, A., Diehl, W., Kaps, J. P..  2017.  A light-weight hardware/software co-design for pairing-based cryptography with low power and energy consumption. 2017 International Conference on Field Programmable Technology (ICFPT). :235–238.

Embedded electronic devices and sensors such as smartphones, smart watches, medical implants, and Wireless Sensor Nodes (WSN) are making the “Internet of Things” (IoT) a reality. Such devices often require cryptographic services such as authentication, integrity and non-repudiation, which are provided by Public-Key Cryptography (PKC). As these devices are severely resource-constrained, choosing a suitable cryptographic system is challenging. Pairing Based Cryptography (PBC) is among the best candidates to implement PKC in lightweight devices. In this research, we present a fast and energy efficient implementation of PBC based on Barreto-Naehrig (BN) curves and optimal Ate pairing using hardware/software co-design. Our solution consists of a hardware-based Montgomery multiplier, and pairing software running on an ARM Cortex A9 processor in a Zynq-7020 System-on-Chip (SoC). The multiplier is protected against simple power analysis (SPA) and differential power analysis (DPA), and can be instantiated with a variable number of processing elements (PE). Our solution improves performance (in terms of latency) over an open-source software PBC implementation by factors of 2.34 and 2.02, for 256- and 160-bit field sizes, respectively, as measured in the Zynq-7020 SoC.

Tsuda, Y., Nakazato, J., Takagi, Y., Inoue, D., Nakao, K., Terada, K..  2018.  A Lightweight Host-Based Intrusion Detection Based on Process Generation Patterns. 2018 13th Asia Joint Conference on Information Security (AsiaJCIS). :102–108.
Advanced persistent threat (APT) has been considered globally as a serious social problem since the 2010s. Adversaries of this threat, at first, try to penetrate into targeting organizations by using a backdoor which is opened with drive-by-download attacks, malicious e-mail attachments, etc. After adversaries' intruding, they usually execute benign applications (e.g, OS built-in commands, management tools published by OS vendors, etc.) for investigating networks of targeting organizations. Therefore, if they penetrate into networks once, it is difficult to rapidly detect these malicious activities only by using anti-virus software or network-based intrusion systems. Meanwhile, enterprise networks are managed well in general. That means network administrators have a good grasp of installed applications and routinely used applications for employees' daily works. Thereby, in order to find anomaly behaviors on well-managed networks, it is effective to observe changes executing their applications. In this paper, we propose a lightweight host-based intrusion detection system by using process generation patterns. Our system periodically collects lists of active processes from each host, then the system constructs process trees from the lists. In addition, the system detects anomaly processes from the process trees considering parent-child relationships, execution sequences and lifetime of processes. Moreover, we evaluated the system in our organization. The system collected 2, 403, 230 process paths in total from 498 hosts for two months, then the system could extract 38 anomaly processes. Among them, one PowerShell process was also detected by using an anti-virus software running on our organization. Furthermore, our system could filter out the other 18 PowerShell processes, which were used for maintenance of our network.