Tag Archives: secure computing

FastGeo: Efficient Geometric Range Queries on Encrypted Spatial Data

Introduction :

Spatial data have wide applications, e.g., location-based services, and geometric range queries (i.e., finding points inside geometric areas, e.g., circles or polygons) are one of the fundamental search functions over spatial data. The rising demand of outsourcing data is moving large-scale datasets, including large-scale spatial datasets, to public clouds. Meanwhile, due to the concern of insider attackers and hackers on public clouds, the privacy of spatial datasets should be cautiously preserved while querying them at the server side, especially for location-based and medical usage. In this paper, we formalize the concept of Geometrically Searchable Encryption, and propose an efficient scheme, named FastGeo, to protect the privacy of clients’ spatial datasets stored and queried at a public server. With FastGeo, which is a novel two-level search for encrypted spatial data, an honest-but-curious server can efficiently perform geometric range queries, and correctly return data points that are inside a geometric range to a client without learning sensitive data points or this private query. FastGeo supports arbitrary geometric areas, achieves sublinear search time, and enables dynamic updates over encrypted spatial datasets. Our scheme is provably secure, and our experimental results on real-world spatial datasets in cloud platform demonstrate that FastGeo can boost search time over 100 times.

Reference IEEE paper :

“FastGeo: Efficient Geometric Range Queries on Encrypted Spatial Data”, IEEE Transactions on Dependable and Secure Computing, 2017.

Unique ID – SBI1068

Domain – SECURE COMPUTING

Book your project Now.  Checkout other projects here

Efficient and Privacy-preserving Min and k-th Min Computations in Mobile Sensing Systems

Introduction :

Protecting the privacy of mobile phone user participants is extremely important for mobile phone sensing applications. In this paper, we study how an aggregator can expeditiously compute the minimum value or the k-th minimum value of all users’ data without knowing them. We construct two secure protocols using probabilistic coding schemes and a cipher system that allows homomorphic bitwise XOR computations for our problems. Following the standard cryptographic security definition in the semi-honest model, we formally prove our protocols’ security. The protocols proposed by us can support time-series data and need not to assume the aggregator is trusted. Moreover, different from existing protocols that are based on secure arithmetic sum computations, our protocols are based on secure bitwise XOR computations, thus are more efficient.

Reference IEEE paper :

“Efficient and Privacy-preserving Min and k-th Min Computations in Mobile Sensing Systems”, IEEE Transactions on Dependable and Secure Computing 2017.

Unique ID – SBI1067

Domain – SECURE COMPUTING

Book your project Now.  Checkout other projects here

A Credibility Analysis System for Assessing Information on Twitter

Introduction :

Information credibility on Twitter has been a topic of interest among researchers in the fields of both computer and social sciences, primarily because of the recent growth of this platform as a tool for information dissemination. Twitter has made it increasingly possible to offer near-real-time transfer of information in a very cost-effective manner. It is now being used as a source of news among a wide array of users around the globe. The beauty of this platform is that it delivers timely content in a tailored manner that makes it possible for users to obtain news regarding their topics of interest. Consequently, the development of techniques that can verify information obtained from Twitter has become a challenging and necessary task. In this paper, we propose a new credibility analysis system for assessing information credibility on Twitter to prevent the proliferation of fake or malicious information. The proposed system consists of four integrated components: a reputation-based component, a credibility classifier engine, a user experience component, and a feature-ranking algorithm. The components operate together in an algorithmic form to analyze and assess the credibility of Twitter tweets and users. We tested the performance of our system on two different datasets from 489,330 unique Twitter accounts. We applied 10-fold cross-validation over four machine learning algorithms. The results reveal that a significant balance between recall and precision was achieved for the tested dataset.

Reference IEEE paper:

“A Credibility Analysis System for Assessing Information on Twitter”, IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2017.

Unique ID – SBI1066

Domain – SECURE COMPUTING

Book your project Now.  Checkout other projects here

Towards Detecting Compromised Accounts on Social Networks

Introduction :

Compromising social network accounts has become a profitable course of action for cybercriminals. By hijacking control of a popular media or business account, attackers can distribute their malicious messages or disseminate fake information to a large user base. The impacts of these incidents range from a tarnished reputation to multi-billion dollar monetary losses on financial markets. In our previous work, we demonstrated how we can detect large-scale compromises (i.e., so-called campaigns) of regular online social network users. In this work, we show how we can use similar techniques to identify compromises of individual high-profile accounts. High-profile accounts frequently have one characteristic that makes this detection reliable – they show consistent behaviour over time. We show that our system, were it deployed, would have been able to detect and prevent three real-world attacks against popular companies and news agencies. Furthermore, our system, in contrast to popular media, would not have fallen for a staged compromise instigated by a US restaurant chain for publicity reasons.

Reference IEEE paper:

“Towards Detecting Compromised Accounts on Social Networks”, IEEE Transactions on Dependable and Secure Computing, 2017.

Unique ID – SBI1073

Domain – SECURE COMPUTING

Book your project Now.  Checkout other projects here

Search Rank Fraud and Malware Detection in Google Play

Introduction :

Fraudulent behaviours in Google Play, the most popular Android app market, fuel search rank abuse and malware proliferation. To identify malware, previous work has focused on app executable and permission analysis. In this paper, we introduce FairPlay, a novel system that discovers and leverages traces left behind by fraudsters, to detect both malware and apps subjected to search rank fraud. FairPlay correlates review activities and uniquely combines detected review relations with linguistic and behavioural signals gleaned from Google Play app data (87K apps, 2.9M reviews, and 2.4M reviewers, collected over half a year), in order to identify suspicious apps. FairPlay achieves over 95% accuracy in classifying gold standard datasets of malware, fraudulent and legitimate apps. We show that 75% of the identified malware apps engage in search rank fraud. FairPlay discovers hundreds of fraudulent apps that currently evade Google Bouncer’s detection technology. FairPlay also helped the discovery of more than 1,000 reviews, reported for 193 apps, that reveal a new type of “coercive” review campaign: users are harassed into writing positive reviews, and install and review other apps.

Reference IEEE paper :

“Search Rank Fraud and Malware Detection in Google Play”, IEEE Transactions on Knowledge and Data Engineering, 2017.

Unique ID – SBI1072

Domain – SECURE COMPUTING

Book your project Now.  Checkout other projects here

ProGuard Detecting Malicious Accounts in Social-Network-Based Online Promotions

Introduction :

Online social networks gradually integrate financial capabilities by enabling the usage of real and virtual currency. They serve as new platforms to host a variety of business activities such as online promotion events, where users can possibly get virtual currency as rewards by participating such events. Both OSNs and business partners are significantly concerned when attackers instrument a set of accounts to collect virtual currency from these events, which make these events ineffective and result in significant financial loss. It becomes of great importance to proactively detecting these malicious accounts before the online promotion activities and subsequently decrease their priority to be rewarded. In this paper, we propose a novel system, namely ProGuard, to accomplish this objective by systematically integrating features that characterize accounts from three perspectives including their general behaviors, their recharging patterns, and the usage of their currency. We have performed extensive experiments based on data collected from Tencent QQ, a global leading OSN with built-in financial management activities. Experimental results have demonstrated that our system can accomplish a high detection rate of 96.67% at a very low false positive rate of 0.3%.

Reference IEEE paper :

“ProGuard: Detecting Malicious Accounts in Social-Network-Based Online Promotions”, IEEE Access, 2017.

Unique ID -SBI1171

Domain – SECURE COMPUTING

Book your project Now.  Checkout other projects here

 

Privacy Preserving Selective Aggregation of Online User Behaviour Data

Introduction :

Tons of online user behaviour data are being generated every day on the booming and ubiquitous Internet. Growing efforts have been devoted to mining the abundant behaviour data to extract valuable information for research purposes or business interests. However, online users’ privacy is thus under the risk of being exposed to third-parties. The last decade has witnessed a body of research works trying to perform data aggregation in a privacy-preserving way. Most of existing methods guarantee strong privacy protection yet at the cost of very limited aggregation operations, such as allowing only summation, which hardly satisfies the need of behaviour analysis. In this paper, we propose a scheme PPSA, which encrypts users’ sensitive data to prevent privacy disclosure from both outside analysts and the aggregation service provider, and fully supports selective aggregate functions for online user behaviour analysis while guaranteeing differential privacy. We have implemented our method and evaluated its performance using a trace-driven evaluation based on a real online behaviour dataset. Experiment results show that our scheme effectively supports both overall aggregate queries and various selective aggregate queries with acceptable computation and communication overheads.

Reference IEEE paper :

“Privacy-Preserving Selective Aggregation of Online User Behaviour Data” , IEEE Transactions on Computers, 2017.

Unique ID – SBI1070

Domain – SECURE COMPUTING

Book your project Now.  Checkout other projects here

Control of Photo Sharing on Online Social Networks : My Privacy My Decision

Introduction:

Photo sharing is an attractive feature which popularizes Online Social Networks (OSNs). Unfortunately, it may leak users privacy if they are allowed to post, comment, and tag a photo freely. In this paper, we attempt to address this issue and study the scenario when a user shares a photo containing individuals other than himself/herself (termed co-photo for short). To prevent possible privacy leakage of a photo, we design a mechanism to enable each individual in a photo be aware of the posting activity and participate in the decision making on the photo posting. For this purpose, we need an efficient facial recognition (FR) system that can recognize everyone in the photo. However, more demanding privacy setting may limit the number of the photos publicly available to train the FR system. To deal with this dilemma, our mechanism attempts to utilize users’ private photos to design a personalized FR system specifically trained to differentiate possible photo co-owners without leaking their privacy. We also develop a distributed consensus based method to reduce the computational complexity and protect the private training set. We show that our system is superior to other possible approaches in terms of recognition ratio and efficiency. Our mechanism is implemented as a proof of concept Android application on Facebook’s platform.

Control Photo Sharing on Online Social Networks : My Privacy My Decision

Reference IEEE paper :

“My Privacy My Decision: Control of Photo Sharing on Online Social Networks”, IEEE Transactions on Dependable and Secure Computing, 2017.

Unique ID – SBI1069

Domain – SECURE COMPUTING

Book your project Now.  Checkout other projects here