Visible to the public Biblio

Found 274 results

Filters: First Letter Of Title is L  [Clear All Filters]
A B C D E F G H I J K [L] M N O P Q R S T U V W X Y Z   [Show ALL]
Mavridis, Ilias, Karatza, Helen.  2019.  Lightweight Virtualization Approaches for Software-Defined Systems and Cloud Computing: An Evaluation of Unikernels and Containers. 2019 Sixth International Conference on Software Defined Systems (SDS). :171–178.
Software defined systems use virtualization technologies to provide an abstraction of the hardware infrastructure at different layers. Ultimately, the adoption of software defined systems in all cloud infrastructure components will lead to Software Defined Cloud Computing. Nevertheless, virtualization has already been used for years and is a key element of cloud computing. Traditionally, virtual machines are deployed in cloud infrastructure and used to execute applications on common operating systems. New lightweight virtualization technologies, such as containers and unikernels, appeared later to improve resource efficiency and facilitate the decomposition of big monolithic applications into multiple, smaller services. In this work, we present and empirically evaluate four popular unikernel technologies, Docker containers and Docker LinuxKit. We deployed containers both on bare metal and on virtual machines. To fairly evaluate their performance, we created similar applications for unikernels and containers. Additionally, we deployed full-fledged database applications ported on both virtualization technologies. Although in bibliography there are a few studies which compare unikernels and containers, in our study for the first time, we provide a comprehensive performance evaluation of clean-slate and legacy unikernels, Docker containers and Docker LinuxKit.
Shi, Yang, Wang, Xiaoping, Fan, Hongfei.  2017.  Light-weight white-box encryption scheme with random padding for wearable consumer electronic devices. IEEE Transactions on Consumer Electronics. 63:44–52.
Wearable devices can be potentially captured or accessed in an unauthorized manner because of their physical nature. In such cases, they are in white-box attack contexts, where the adversary may have total visibility on the implementation of the built-in cryptosystem, with full control over its execution platform. Dealing with white-box attacks on wearable devices is undoubtedly a challenge. To serve as a countermeasure against threats in such contexts, we propose a lightweight encryption scheme to protect the confidentiality of data against white-box attacks. We constructed the scheme's encryption and decryption algorithms on a substitution-permutation network that consisted of random secret components. Moreover, the encryption algorithm uses random padding that does not need to be correctly decrypted as part of the input. This feature enables non-bijective linear transformations to be used in each encryption round to achieve strong security. The required storage for static data is relatively small and the algorithms perform well on various devices, which indicates that the proposed scheme satisfies the requirements of wearable computing in terms of limited memory and low computational power.
Yin, Z., Dou, S., Bai, H., Hou, Y..  2019.  Light-Weighted Security Access Scheme of Broadband Power Line Communications for Multi-Source Information Collection. 2019 IEEE 3rd Information Technology, Networking, Electronic and Automation Control Conference (ITNEC). :1087–1090.

With the continuously development of smart meter-reading technologies for decades, remote information collection of electricity, water, gas and heat meters have been realized. Due to the difference of electrical interfaces and communication protocols among various types of meters, communication modes of meter terminals are not so compatible, it is difficult to realize communication optimization of electricity, water, gas and heat meters information collection services. In addition, with the development of power consumption information acquisition system, the number of acquisition terminals soars greatly and the data of terminal access is highly concurrent. Therefore, the risk of security access is increasing. This paper presents a light-weighted security access scheme of power line communication based on multi-source data acquisition of electricity, water, gas and heat meters, which separates multi-source data acquisition services and achieve services security isolation and channel security isolation. The communication reliability and security of the meter-reading service of "electricity, water, gas and heat" will be improved and the integrated meter service will be realized reliably.

Luger, Ewa, Sellen, Abigail.  2016.  "Like Having a Really Bad PA": The Gulf Between User Expectation and Experience of Conversational Agents. Proceedings of the 2016 CHI Conference on Human Factors in Computing Systems. :5286–5297.

The past four years have seen the rise of conversational agents (CAs) in everyday life. Apple, Microsoft, Amazon, Google and Facebook have all embedded proprietary CAs within their software and, increasingly, conversation is becoming a key mode of human-computer interaction. Whilst we have long been familiar with the notion of computers that speak, the investigative concern within HCI has been upon multimodality rather than dialogue alone, and there is no sense of how such interfaces are used in everyday life. This paper reports the findings of interviews with 14 users of CAs in an effort to understand the current interactional factors affecting everyday use. We find user expectations dramatically out of step with the operation of the systems, particularly in terms of known machine intelligence, system capability and goals. Using Norman's 'gulfs of execution and evaluation' [30] we consider the implications of these findings for the design of future systems.

Pal, Shantanu.  2019.  Limitations and Approaches in Access Control and Identity Management for Constrained IoT Resources. 2019 IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops). :431–432.
The Internet of Things (IoT), smart sensors and mobile wearable devices are helping to provide services that are more ubiquitous, smarter, faster and easily accessible to users. However, security is a significant concern for the IoT, with access control and identity management are being two major issues. With the growing size and presence of these systems and the resource constrained nature of the IoT devices, an important question is how to manage policies in a manner that is both scalable and flexible. In this research, we aim at proposing a fine-grained and flexible access control architecture, and to examine an identity model for constrained IoT resources. To achieve this, first, we outline some key limitations in the state of the art access control and identity management for IoT. Then we devise our approach to address those limitations in a systematic way.
Kästner, Christian, Pfeffer, Jürgen.  2014.  Limiting Recertification in Highly Configurable Systems: Analyzing Interactions and Isolation Among Configuration Options. Proceedings of the 2014 Symposium and Bootcamp on the Science of Security. :23:1–23:2.

In highly configurable systems the configuration space is too big for (re-)certifying every configuration in isolation. In this project, we combine software analysis with network analysis to detect which configuration options interact and which have local effects. Instead of analyzing a system as Linux and SELinux for every combination of configuration settings one by one (>102000 even considering compile-time configurations only), we analyze the effect of each configuration option once for the entire configuration space. The analysis will guide us to designs separating interacting configuration options in a core system and isolating orthogonal and less trusted configuration options from this core.

Urbina, David I., Giraldo, Jairo A., Cardenas, Alvaro A., Tippenhauer, Nils Ole, Valente, Junia, Faisal, Mustafa, Ruths, Justin, Candell, Richard, Sandberg, Henrik.  2016.  Limiting the Impact of Stealthy Attacks on Industrial Control Systems. Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. :1092–1105.

While attacks on information systems have for most practical purposes binary outcomes (information was manipulated/eavesdropped, or not), attacks manipulating the sensor or control signals of Industrial Control Systems (ICS) can be tuned by the attacker to cause a continuous spectrum in damages. Attackers that want to remain undetected can attempt to hide their manipulation of the system by following closely the expected behavior of the system, while injecting just enough false information at each time step to achieve their goals. In this work, we study if attack-detection can limit the impact of such stealthy attacks. We start with a comprehensive review of related work on attack detection schemes in the security and control systems community. We then show that many of those works use detection schemes that are not limiting the impact of stealthy attacks. We propose a new metric to measure the impact of stealthy attacks and how they relate to our selection on an upper bound on false alarms. We finally show that the impact of such attacks can be mitigated in several cases by the proper combination and configuration of detection schemes. We demonstrate the effectiveness of our algorithms through simulations and experiments using real ICS testbeds and real ICS systems.

Takbiri, N., Houmansadr, A., Goeckel, D. L., Pishro-Nik, H..  2017.  Limits of location privacy under anonymization and obfuscation. 2017 IEEE International Symposium on Information Theory (ISIT). :764–768.

The prevalence of mobile devices and location-based services (LBS) has generated great concerns regarding the LBS users' privacy, which can be compromised by statistical analysis of their movement patterns. A number of algorithms have been proposed to protect the privacy of users in such systems, but the fundamental underpinnings of such remain unexplored. Recently, the concept of perfect location privacy was introduced and its achievability was studied for anonymization-based LBS systems, where user identifiers are permuted at regular intervals to prevent identification based on statistical analysis of long time sequences. In this paper, we significantly extend that investigation by incorporating the other major tool commonly employed to obtain location privacy: obfuscation, where user locations are purposely obscured to protect their privacy. Since anonymization and obfuscation reduce user utility in LBS systems, we investigate how location privacy varies with the degree to which each of these two methods is employed. We provide: (1) achievability results for the case where the location of each user is governed by an i.i.d. process; (2) converse results for the i.i.d. case as well as the more general Markov Chain model. We show that, as the number of users in the network grows, the obfuscation-anonymization plane can be divided into two regions: in the first region, all users have perfect location privacy; and, in the second region, no user has location privacy.

Braun, Johannes, Buchmann, Johannes, Demirel, Denise, Geihs, Matthias, Fujiwara, Mikio, Moriai, Shiho, Sasaki, Masahide, Waseda, Atsushi.  2017.  LINCOS: A Storage System Providing Long-Term Integrity, Authenticity, and Confidentiality. Proceedings of the 2017 ACM on Asia Conference on Computer and Communications Security. :461–468.
The amount of digital data that requires long-term protection of integrity, authenticity, and confidentiality grows rapidly. Examples include electronic health records, genome data, and tax data. In this paper we present the secure storage system LINCOS, which provides protection of integrity, authenticity, and confidentiality in the long-term, i.e., for an indefinite time period. It is the first such system. It uses the long-term integrity scheme COPRIS, which is also presented here and is the first such scheme that does not leak any information about the protected data. COPRIS uses information-theoretic hiding commitments for confidentiality-preserving integrity and authenticity protection. LINCOS uses proactive secret sharing for confidential storage of secret data. We also present implementations of COPRIS and LINCOS. A special feature of our LINCOS implementation is the use of quantum key distribution and one-time pad encryption for information-theoretic private channels within the proactive secret sharing protocol. The technological platform for this is the Tokyo QKD Network, which is one of worlds most advanced networks of its kind. Our experimental evaluation establishes the feasibility of LINCOS and shows that in view of the expected progress in quantum communication technology, LINCOS is a promising solution for protecting very sensitive data in the cloud.
Wang, Min, Zhou, Wengang, Tian, Qi, Zha, Zhengjun, Li, Houqiang.  2016.  Linear Distance Preserving Pseudo-Supervised and Unsupervised Hashing. Proceedings of the 2016 ACM on Multimedia Conference. :1257–1266.

With the advantage in compact representation and efficient comparison, binary hashing has been extensively investigated for approximate nearest neighbor search. In this paper, we propose a novel and general hashing framework, which simultaneously considers a new linear pair-wise distance preserving objective and point-wise constraint. The direct distance preserving objective aims to keep the linear relationships between the Euclidean distance and the Hamming distance of data points. Based on different point-wise constraints, we propose two methods to instantiate this framework. The first one is a pseudo-supervised hashing method, which uses existing unsupervised hashing methods to generate binary codes as pseudo-supervised information. The second one is an unsupervised hashing method, in which quantization loss is considered. We validate our framework on two large-scale datasets. The experiments demonstrate that our pseudo-supervised method achieves consistent improvement for the state-of-the-art unsupervised hashing methods, while our unsupervised method outperforms the state-of-the-art methods.

Zhao, Liang, Chen, Liqun.  2018.  A Linear Distinguisher and Its Application for Analyzing Privacy-Preserving Transformation Used in Verifiable (Outsourced) Computation. Proceedings of the 2018 on Asia Conference on Computer and Communications Security. :253-260.

A distinguisher is employed by an adversary to explore the privacy property of a cryptographic primitive. If a cryptographic primitive is said to be private, there is no distinguisher algorithm that can be used by an adversary to distinguish the encodings generated by this primitive with non-negligible advantage. Recently, two privacy-preserving matrix transformations first proposed by Salinas et al. have been widely used to achieve the matrix-related verifiable (outsourced) computation in data protection. Salinas et al. proved that these transformations are private (in terms of indistinguishability). In this paper, we first propose the concept of a linear distinguisher and two constructions of the linear distinguisher algorithms. Then, we take those two matrix transformations (including Salinas et al.\$'\$s original work and Yu et al.\$'\$s modification) as example targets and analyze their privacy property when our linear distinguisher algorithms are employed by the adversaries. The results show that those transformations are not private even against passive eavesdropping.

Vu, Thang X., Vu, Trinh Anh, Lei, Lei, Chatzinotas, Symeon, Ottersten, Björn.  2019.  Linear Precoding Design for Cache-aided Full-duplex Networks. 2019 IEEE Wireless Communications and Networking Conference (WCNC). :1–6.
Edge caching has received much attention as a promising technique to overcome the stringent latency and data hungry challenges in the future generation wireless networks. Meanwhile, full-duplex (FD) transmission can potentially double the spectral efficiency by allowing a node to receive and transmit simultaneously. In this paper, we study a cache-aided FD system via delivery time analysis and optimization. In the considered system, an edge node (EN) operates in FD mode and serves users via wireless channels. Two optimization problems are formulated to minimize the largest delivery time based on the two popular linear beamforming zero-forcing and minimum mean square error designs. Since the formulated problems are non-convex due to the self-interference at the EN, we propose two iterative optimization algorithms based on the inner approximation method. The convergence of the proposed iterative algorithms is analytically guaranteed. Finally, the impacts of caching and the advantages of the FD system over the half-duplex (HD) counterpart are demonstrated via numerical results.
Danesh, W., Rahman, M..  2017.  Linear regression based multi-state logic decomposition approach for efficient hardware implementation. 2017 IEEE/ACM International Symposium on Nanoscale Architectures (NANOARCH). :153–154.

Multi-state logic presents a promising avenue for more-than-Moore scaling, since efficient implementation of multi-valued logic (MVL) can significantly reduce switching and interconnection requirements and result in significant benefits compared to binary CMOS. So far, traditional approaches lag behind binary CMOS due to: (a) reliance on logic decomposition approaches [4][5][6] that result in many multi-valued minterms [4], complex polynomials [5], and decision diagrams [6], which are difficult to implement, and (b) emulation of multi-valued computation and communication through binary switches and medium that require data conversion, and large circuits. In this paper, we propose a fundamentally different approach for MVL decomposition, merging concepts from data science and nanoelectronics to tackle the problems, (a) First, we do linear regression on all inputs and outputs of a multivalued function, and find an expression that fits most input and output combinations. For unmatched combinations, we do successive regressions to find linear expressions. Next, using our novel visual pattern matching technique, we find conditions based on input and output conditions to select each expression. These expressions along with associated selection criteria ensure that for all possible inputs of a specific function, correct output can be reached. Our selection of regression model to find linear expressions, coefficients and conditions allow efficient hardware implementation. We discuss an approach for solving problem (b) and show an example of quaternary sum circuit. Our estimates show 65.6% saving of switching components compared with a 4-bit CMOS adder.

Chen, J., Lin, X., Shi, Z., Liu, Y..  2020.  Link Prediction Adversarial Attack Via Iterative Gradient Attack. IEEE Transactions on Computational Social Systems. 7:1081–1094.
Increasing deep neural networks are applied in solving graph evolved tasks, such as node classification and link prediction. However, the vulnerability of deep models can be revealed using carefully crafted adversarial examples generated by various adversarial attack methods. To explore this security problem, we define the link prediction adversarial attack problem and put forward a novel iterative gradient attack (IGA) strategy using the gradient information in the trained graph autoencoder (GAE) model. Not surprisingly, GAE can be fooled by an adversarial graph with a few links perturbed on the clean one. The results on comprehensive experiments of different real-world graphs indicate that most deep models and even the state-of-the-art link prediction algorithms cannot escape the adversarial attack, such as GAE. We can benefit the attack as an efficient privacy protection tool from the link prediction of unknown violations. On the other hand, the adversarial attack is a robust evaluation metric for current link prediction algorithms of their defensibility.
Lahbib, A., Toumi, K., Elleuch, S., Laouiti, A., Martin, S..  2017.  Link Reliable and Trust Aware RPL Routing Protocol for Internet of Things. 2017 IEEE 16th International Symposium on Network Computing and Applications (NCA). :1–5.

Internet of Things (IoT) is characterized by heterogeneous devices that interact with each other on a collaborative basis to fulfill a common goal. In this scenario, some of the deployed devices are expected to be constrained in terms of memory usage, power consumption and processing resources. To address the specific properties and constraints of such networks, a complete stack of standardized protocols has been developed, among them the Routing Protocol for Low-Power and lossy networks (RPL). However, this protocol is exposed to a large variety of attacks from the inside of the network itself. To fill this gap, this paper focuses on the design and the integration of a novel Link reliable and Trust aware model into the RPL protocol. Our approach aims to ensure Trust among entities and to provide QoS guarantees during the construction and the maintenance of the network routing topology. Our model targets both node and link Trust and follows a multidimensional approach to enable an accurate Trust value computation for IoT entities. To prove the efficiency of our proposal, this last has been implemented and tested successfully within an IoT environment. Therefore, a set of experiments has been made to show the high accuracy level of our system.

Schild, Christopher-J., Schultz, Simone.  2016.  Linking Deutsche Bundesbank Company Data Using Machine-Learning-Based Classification: Extended Abstract. Proceedings of the Second International Workshop on Data Science for Macro-Modeling. :10:1–10:3.

We present a process of linking various Deutsche Bundesbank datasources on companies based on a semi-automatic classification. The linkage process involves data cleaning and harmonization, blocking, construction of comparison features, as well as training and testing a statistical classification model on a "ground-truth" subset of known matches and non-matches. The evaluation of our method shows that the process limits the need for manual classifications to a small percentage of ambiguously classified match candidates.

Yaswinski, Matthew R., Chowdhury, Md Minhaz, Jochen, Mike.  2019.  Linux Security: A Survey. 2019 IEEE International Conference on Electro Information Technology (EIT). :357–362.
Linux is used in a large variety of situations, from private homes on personal machines to businesses storing personal data on servers. This operating system is often seen as more secure than Windows or Mac OS X, but this does not mean that there are no security concerns to be had when running it. Attackers can crack simple passwords over a network, vulnerabilities can be exploited if firewalls do not close enough ports, and malware can be downloaded and run on a Linux system. In addition, sensitive information can be accessed through physical or network access if proper permissions are not set on the files or directories containing it. However, most of these attacks can be prevented by keeping a system up to date, maintaining a secure firewall, using an antivirus, making complex passwords, and setting strong file permissions. This paper presents a list of methods for securing a Linux system from both external and internal threats.
M. Machado, J. W. Byers.  2015.  "Linux XIA: an interoperable meta network architecture to crowdsource the future internet". 2015 ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS). :147-158.

With the growing number of proposed clean-slate redesigns of the Internet, the need for a medium that enables all stakeholders to participate in the realization, evaluation, and selection of these designs is increasing. We believe that the missing catalyst is a meta network architecture that welcomes most, if not all, clean-state designs on a level playing field, lowers deployment barriers, and leaves the final evaluation to the broader community. This paper presents Linux XIA, a native implementation of XIA in the Linux kernel, as a candidate. We first describe Linux XIA in terms of its architectural realizations and algorithmic contributions. We then demonstrate how to port several distinct and unrelated network architectures onto Linux XIA. Finally, we provide a hybrid evaluation of Linux XIA at three levels of abstraction in terms of its ability to: evolve and foster interoperation of new architectures, embed disparate architectures inside the implementation's framework, and maintain a comparable forwarding performance to that of the legacy TCP/IP implementation. Given this evaluation, we substantiate a previously unsupported claim of XIA: that it readily supports and enables network evolution, collaboration, and interoperability - traits we view as central to the success of any future Internet architecture.

Lu, L., Yu, J., Chen, Y., Liu, H., Zhu, Y., Liu, Y., Li, M..  2018.  LipPass: Lip Reading-based User Authentication on Smartphones Leveraging Acoustic Signals. IEEE INFOCOM 2018 - IEEE Conference on Computer Communications. :1466–1474.

To prevent users' privacy from leakage, more and more mobile devices employ biometric-based authentication approaches, such as fingerprint, face recognition, voiceprint authentications, etc., to enhance the privacy protection. However, these approaches are vulnerable to replay attacks. Although state-of-art solutions utilize liveness verification to combat the attacks, existing approaches are sensitive to ambient environments, such as ambient lights and surrounding audible noises. Towards this end, we explore liveness verification of user authentication leveraging users' lip movements, which are robust to noisy environments. In this paper, we propose a lip reading-based user authentication system, LipPass, which extracts unique behavioral characteristics of users' speaking lips leveraging build-in audio devices on smartphones for user authentication. We first investigate Doppler profiles of acoustic signals caused by users' speaking lips, and find that there are unique lip movement patterns for different individuals. To characterize the lip movements, we propose a deep learning-based method to extract efficient features from Doppler profiles, and employ Support Vector Machine and Support Vector Domain Description to construct binary classifiers and spoofer detectors for user identification and spoofer detection, respectively. Afterwards, we develop a binary tree-based authentication approach to accurately identify each individual leveraging these binary classifiers and spoofer detectors with respect to registered users. Through extensive experiments involving 48 volunteers in four real environments, LipPass can achieve 90.21% accuracy in user identification and 93.1% accuracy in spoofer detection.

Dennis Griffith, University of Illinois at Urbana-Champaign, Elsa Gunter, University of Illinois at Urbana-Champaign.  2013.  LiquidPi: Inferable Dependent Session Types. 5th International NASA Formal Methods (NFM 2013) .

The Pi Calculus is a popular formalism for modeling distributed computation. Session Types extend the Pi Calculus with a static, inferable type system. Dependent Types allow for a more precise characterization of the behavior of programs, but in their full generality are not inferable. In this paper, we present LiquidPi an approach that combines the dependent type inferencing of Liquid Types with Honda’s Session Types to give a more precise automatically derived description of the behavior of distributed programs. These types can be used to describe/enforce safety properties of distributed systems. We present a type system parametric over an underlying functional language with Pi Calculus connectives and give an inference algorithm for it by means of efficient external solvers and a set of dependent qualifier templates.

Mei, Shijia, Liu, Zhihong, Zeng, Yong, Yang, Lin, Ma, Jian Feng.  2019.  Listen!: Audio-based Smart IoT Device Pairing Protocol. 2019 IEEE 19th International Conference on Communication Technology (ICCT). :391–397.
Context-based zero-interaction has become the trend for smart IoT device pairing. In this paper, we propose a secure and usable mechanism to authenticate devices co-located in smart home scenario, and build a secure communication channel between legitimate devices by utilizing on-board microphones to capture a common audio context. After receiving randomly generated sound signals, smart IoT device uses the time intervals between salient sound signals to derive audio fingerprint which can be matched among co-present devices and then be used to bootstrap trust of the devices. The protocol is based on the idea that devices co-located within a physical security boundary (e.g., single family house) can hear similar sounds, and the devices outside would miss parts of sound signals due to the attenuation when sounds pass through the wall. To accelerate the generation rate of audio fingerprint, an extra sound source is introduced. We implement our protocol on Android devices, and the experiment results show that the protocol can distinguish the malicious devices outside from the legitimate devices located inside a security boundary and can quickly establish a strong secret-key between legitimate devices.
Shrestha, Prakash, Saxena, Nitesh.  2018.  Listening Watch: Wearable Two-Factor Authentication Using Speech Signals Resilient to Near-Far Attacks. Proceedings of the 11th ACM Conference on Security & Privacy in Wireless and Mobile Networks. :99–110.
Reducing the level of user effort involved in traditional two-factor authentication (TFA) constitutes an important research topic. A recent effort in this direction leverages ambient sounds to detect the proximity between the second factor device (phone) and the login terminal (browser), and eliminates the need for the user to transfer PIN codes. This approach is highly usable, but is completely vulnerable against far-near attackers, i.e., ones who are remotely located and can guess the victim's audio environment or make the phone create predictable sounds (e.g., ringers), and those who are in physical proximity of the user. In this paper, we propose Listening-Watch, a new TFA mechanism based on a wearable device (watch/bracelet) and active browser-generated random speech sounds. As the user attempts to login, the browser populates a short random code encoded into speech, and the login succeeds if the watch's audio recording contains this code (decoded using speech recognition), and is similar enough to the browser's audio recording. The remote attacker, who has guessed the user's environment or created predictable phone/watch sounds, will be defeated since authentication success relies upon the presence of the random code in watch's recordings. The proximity attacker will also be defeated unless it is extremely close to the watch, since the wearable microphones are usually designed to be only capable of picking up nearby sounds (e.g., voice commands). Furthermore, due to the use of a wearable second factor device, Listening-Watch naturally enables two-factor security even when logging in from a mobile phone. Our contributions are three-fold. First, we introduce the idea of strong and low-effort TFA based on wearable devices, active speech sounds and speech recognition, giving rise to the Listening-Watch system that is secure against both remote and proximity attackers. Second, we design and implement Listening-Watch for an Android smartwatch (and companion smartphone) and the Chrome browser, without the need for any browser plugins. Third, we evaluate Listening-Watch for authentication errors in both benign and adversarial settings. Our results show that Listening-Watch can result in minimal errors in both settings based on appropriate thresholdization and speaker volume levels.
Dessouky, G., Abera, T., Ibrahim, A., Sadeghi, A..  2018.  LiteHAX: Lightweight Hardware-Assisted Attestation of Program Execution. 2018 IEEE/ACM International Conference on Computer-Aided Design (ICCAD). :1–8.

Unlike traditional processors, embedded Internet of Things (IoT) devices lack resources to incorporate protection against modern sophisticated attacks resulting in critical consequences. Remote attestation (RA) is a security service to establish trust in the integrity of a remote device. While conventional RA is static and limited to detecting malicious modification to software binaries at load-time, recent research has made progress towards runtime attestation, such as attesting the control flow of an executing program. However, existing control-flow attestation schemes are inefficient and vulnerable to sophisticated data-oriented programming (DOP) attacks subvert these schemes and keep the control flow of the code intact. In this paper, we present LiteHAX, an efficient hardware-assisted remote attestation scheme for RISC-based embedded devices that enables detecting both control-flow attacks as well as DOP attacks. LiteHAX continuously tracks both the control-flow and data-flow events of a program executing on a remote device and reports them to a trusted verifying party. We implemented and evaluated LiteHAX on a RISC-V System-on-Chip (SoC) and show that it has minimal performance and area overhead.

Abdelaal, M., Karadeniz, M., Dürr, F., Rothermel, K..  2020.  liteNDN: QoS-Aware Packet Forwarding and Caching for Named Data Networks. 2020 IEEE 17th Annual Consumer Communications Networking Conference (CCNC). :1–9.
Recently, named data networking (NDN) has been introduced to connect the world of computing devices via naming data instead of their containers. Through this strategic change, NDN brings several new features to network communication, including in-network caching, multipath forwarding, built-in multicast, and data security. Despite these unique features of NDN networking, there exist plenty of opportunities for continuing developments, especially with packet forwarding and caching. In this context, we introduce liteNDN, a novel forwarding and caching strategy for NDN networks. liteNDN comprises a cooperative forwarding strategy through which NDN routers share their knowledge, i.e. data names and interfaces, to optimize their packet forwarding decisions. Subsequently, liteNDN leverages that knowledge to estimate the probability of each downstream path to swiftly retrieve the requested data. Additionally, liteNDN exploits heuristics, such as routing costs and data significance, to make proper decisions about caching normal as well as segmented packets. The proposed approach has been extensively evaluated in terms of the data retrieval latency, network utilization, and the cache hit rate. The results showed that liteNDN, compared to conventional NDN forwarding and caching strategies, achieves much less latency while reducing the unnecessary traffic and caching activities.
Namazifard, A., Amiri, B., Tousi, A., Aminilari, M., Hozhabri, A. A..  2015.  Literature review of different contention of E-commerce security and the purview of cyber law factors. 2015 9th International Conference on e-Commerce in Developing Countries: With focus on e-Business (ECDC). :1–14.

Today, by widely spread of information technology (IT) usage, E-commerce security and its related legislations are very critical issue in information technology and court law. There is a consensus that security matters are the significant foundation of e-commerce, electronic consumers, and firms' privacy. While e-commerce networks need a policy for security privacy, they should be prepared for a simple consumer friendly infrastructure. Hence it is necessary to review the theoretical models for revision. In This theory review, we embody a number of former articles that cover security of e-commerce and legislation ambit at the individual level by assessing five criteria. Whether data of articles provide an effective strategy for secure-protection challenges in e-commerce and e-consumers. Whether provisions clearly remedy precedents or they need to flourish? This paper focuses on analyzing the former discussion regarding e-commerce security and existence legislation toward cyber-crime activity of e-commerce the article also purports recommendation for subsequent research which is indicate that through secure factors of e-commerce we are able to fill the vacuum of its legislation.