Global ETD Search

101	Secure and efficient query processing in outsourced databases Bogatov, Dmytro 16 September 2022 (has links) As organizations struggle with processing vast amounts of information, outsourcing sensitive data to third parties becomes a necessity. Various cryptographic techniques are used in outsourced database systems to ensure data privacy while allowing for efficient querying. This thesis proposes a definition and components of a new secure and efficient outsourced database system, which answers various types of queries, with different privacy guarantees in different security models. This work starts with the survey of five order-preserving and order-revealing encryption schemes that can be used directly in many database indices, such as the B+ tree, and five range query protocols with various tradeoffs in terms of security and efficiency. The survey systematizes the state-of-the-art range query solutions in a snapshot adversary setting and offers some non-obvious observations regarding the efficiency of the constructions. The thesis then proceeds with Epsolute - an efficient range query engine in a persistent adversary model. In Epsolute, security is achieved in a setting with a much stronger adversary where she can continuously observe everything on the server, and leaking even the result size can enable a reconstruction attack. Epsolute proposes a definition, construction, analysis, and experimental evaluation of a system that provably hides both access pattern and communication volume while remaining efficient. The dissertation concludes with k-anon - a secure similarity search engine in a snapshot adversary model. The work presents a construction in which the security of kNN queries is achieved similarly to OPE / ORE solutions - encrypting the input with an approximate Distance Comparison Preserving Encryption scheme so that the inputs, the points in a hyperspace, are perturbed, but the query algorithm still produces accurate results. Analyzing the solution, we run a series of experiments to observe the tradeoff between search accuracy and attack effectiveness. We use TREC datasets and queries for the search, and track the rank quality metrics such as MRR and nDCG. For the attacks, we build an LSTM model that trains on the correlation between a sentence and its embedding and then predicts words from the embedding. We conclude on viability and practicality of the solution. Computer science Differential privacy ORAM ORE Secure range queries
102	A new fractional-order chaotic system with its analysis, synchronization, and circuit realization for secure communication applications Rahman, Z.S.A., Jasim, B.H., Al-Yasir, Yasir I.A., Hu, Yim Fun, Abd-Alhameed, Raed, Alhasnawi, B.N. 12 November 2021 (has links) Yes / This article presents a novel four-dimensional autonomous fractional-order chaotic system (FOCS) with multi-nonlinearity terms. Several dynamics, such as the chaotic attractors, equilibrium points, fractal dimension, Lyapunov exponent, and bifurcation diagrams of this new FOCS, are studied analytically and numerically. Adaptive control laws are derived based on Lyapunov theory to achieve chaos synchronization between two identical new FOCSs with an uncertain parameter. For these two identical FOCSs, one represents the master and the other is the slave. The uncertain parameter in the slave side was estimated corresponding to the equivalent master parameter. Next, this FOCS and its synchronization were realized by a feasible electronic circuit and tested using Multisim software. In addition, a microcontroller (Arduino Due) was used to implement the sug-gested system and the developed synchronization technique to demonstrate its digital applicability in real-world applications. Furthermore, based on the developed synchronization mechanism, a secure communication scheme was constructed. Finally, the security analysis metric tests were investigated through histograms and spectrograms analysis to confirm the security strength of the employed communication system. Numerical simulations demonstrate the validity and possibility of using this new FOCS in high-level security communication systems. Furthermore, the secure communication system is highly resistant to pirate attacks. A good agreement between simulation and experimental results is obtained, showing that the new FOCS can be used in real-world applications. Adaptive synchronisation Chaotic systems Fractional-order Microcontroller Secure communications
103	Health and social care services for women offenders: current provision and a future model of care Bartlett, A., Walker, Tammi, Harty, M.A., Abel, K.M. 20 August 2014 (has links) No / Secure provision for women in both the Criminal Justice System and the Health Service has evolved in the last decade, in line with emerging gender-specific policy. Notable gains have been the approach to self-harm in prison and a reduction in the inappropriately high levels of secure hospital care. Although treatment pilots in UK settings are in progress, much practice remains poorly described and insufficiently evaluated. Recent strategic initiatives by both the Ministry of Justice and the Department of Health, as well as the commissioning changes that have followed the Health and Social Care Act 2012, provide a basis for reconsideration and a further paradigm shift. Suggestions for a reinvigorated model of gender-sensitive provision are made, relying on principles of resilience and autonomy. / Secure provision for women in both the Criminal Justice System and the Health Service has evolved in the last decade, in line with emerging gender-specific policy. Notable gains have been the approach to self-harm in prison and a reduction in the inappropriately high levels of secure hospital care. Although treatment pilots in UK settings are in progress, much practice remains poorly described and insufficiently evaluated. Recent strategic initiatives by both the Ministry of Justice and the Department of Health, as well as the commissioning changes that have followed the Health and Social Care Act 2012, provide a basis for reconsideration and a further paradigm shift. Suggestions for a reinvigorated model of gender-sensitive provision are made, relying on principles of resilience and autonomy.
104	Attack and Defense with Hardware-Aided Security Zhang, Ning 26 August 2016 (has links) Riding on recent advances in computing and networking, our society is now experiencing the evolution into the age of information. While the development of these technologies brings great value to our daily life, the lucrative reward from cyber-crimes has also attracted criminals. As computing continues to play an increasing role in the society, security has become a pressing issue. Failures in computing systems could result in loss of infrastructure or human life, as demonstrated in both academic research and production environment. With the continuing widespread of malicious software and new vulnerabilities revealing every day, protecting the heterogeneous computing systems across the Internet has become a daunting task. Our approach to this challenge consists of two directions. The first direction aims to gain a better understanding of the inner working of both attacks and defenses in the cyber environment. Meanwhile, our other direction is designing secure systems in adversarial environment. / Ph. D. Trusted Execution Environment Hardware-Assisted Security Secure Execution Cache Rootkit
105	Breaking Privacy in Model-Heterogeneous Federated Learning Haldankar, Atharva Amit 14 May 2024 (has links) Federated learning (FL) is a communication protocol that allows multiple distrustful clients to collaboratively train a machine learning model. In FL, data never leaves client devices; instead, clients only share locally computed gradients or model parameters with a central server. As individual gradients may leak information about a given client's dataset, secure aggregation was proposed. With secure aggregation, the server only receives the aggregate gradient update from the set of all sampled clients without being able to access any individual gradient. One challenge in FL is the systems-level heterogeneity that is quite often present among client devices. Specifically, clients in the FL protocol may have varying levels of compute power, on-device memory, and communication bandwidth. These limitations are addressed by model-heterogeneous FL schemes, where clients are able to train on subsets of the global model. Despite the benefits of model-heterogeneous schemes in addressing systems-level challenges, the implications of these schemes on client privacy have not been thoroughly investigated. In this thesis, we investigate whether the nature of model distribution and the computational heterogeneity among client devices in model-heterogeneous FL schemes may result in the server being able to recover sensitive information from target clients. To this end, we propose two novel attacks in the model-heterogeneous setting, even with secure aggregation in place. We call these attacks the Convergence Rate Attack and the Rolling Model Attack. The Convergence Rate Attack targets schemes where clients train on the same subset of the global model, while the Rolling Model Attack targets schemes where model-parameters are dynamically updated each round. We show that a malicious adversary is able to compromise the model and data confidentiality of a target group of clients. We evaluate our attacks on the MNIST dataset and show that using our techniques, an adversary can reconstruct data samples with high fidelity. / Master of Science / Federated learning (FL) is a communication protocol that allows multiple distrustful users to collaboratively train a machine learning model together. In FL, data never leaves user devices; instead, users only share locally computed gradients or model parameters (e.g. weight and bias values) with an aggregation server. As individual gradients may leak information about a given user's dataset, secure aggregation was proposed. Secure aggregation is a protocol that users and the server run together, where the server only receives the aggregate gradient update from the set of all sampled users instead of each individual user update. In FL, users often have varying levels of compute power, on-device memory, and communication bandwidth. These differences between users are collectively referred to as systems-level (or system) heterogeneity. While there are a number of techniques to address system heterogeneity, one popular approach is to have users train on different subsets of the global model. This approach is known as model-heterogeneous FL. Despite the benefits of model-heterogeneous FL schemes in addressing systems-level challenges, the implications of these schemes on user privacy have not been thoroughly investigated. In this thesis, we investigate whether the nature of model distribution and the differences in compute power between user devices in model-heterogeneous FL schemes may result in the server being able to recover sensitive information. To this end, we propose two novel attacks in the model-heterogeneous setting with secure aggregation in place. We call these attacks the Convergence Rate Attack and the Rolling Model Attack. The Convergence Rate Attack targets schemes where users train on the same subset of the global model, while the Rolling Model Attack targets schemes where model-parameters may change each round. We first show that a malicious server is able to obtain individual user updates, despite secure aggregation being in place. Then, we demonstrate how an adversary can utilize those updates to reverse engineer data samples from users. We evaluate our attacks on the MNIST dataset, a commonly used dataset of handwritten digits and their labels. We show that by running our attacks, an adversary can accurately identify what images a user trained on. Model-Heterogeneous FL Secure Aggregation Privacy Confidentiality Gradient Inversion
106	ACADIA: Efficient and Robust Adversarial Attacks Against Deep Reinforcement Learning Ali, Haider 05 January 2023 (has links) Existing adversarial algorithms for Deep Reinforcement Learning (DRL) have largely focused on identifying an optimal time to attack a DRL agent. However, little work has been explored in injecting efficient adversarial perturbations in DRL environments. We propose a suite of novel DRL adversarial attacks, called ACADIA, representing AttaCks Against Deep reInforcement leArning. ACADIA provides a set of efficient and robust perturbation-based adversarial attacks to disturb the DRL agent's decision-making based on novel combinations of techniques utilizing momentum, ADAM optimizer (i.e., Root Mean Square Propagation or RMSProp), and initial randomization. These kinds of DRL attacks with novel integration of such techniques have not been studied in the existing Deep Neural Networks (DNNs) and DRL research. We consider two well-known DRL algorithms, Deep-Q Learning Network (DQN) and Proximal Policy Optimization (PPO), under Atari games and MuJoCo where both targeted and non-targeted attacks are considered with or without the state-of-the-art defenses in DRL (i.e., RADIAL and ATLA). Our results demonstrate that the proposed ACADIA outperforms existing gradient-based counterparts under a wide range of experimental settings. ACADIA is nine times faster than the state-of-the-art Carlini and Wagner (CW) method with better performance under defenses of DRL. / Master of Science / Artificial Intelligence (AI) techniques such as Deep Neural Networks (DNN) and Deep Reinforcement Learning (DRL) are prone to adversarial attacks. For example, a perturbed stop sign can force a self-driving car's AI algorithm to increase the speed rather than stop the vehicle. There has been little work developing attacks and defenses against DRL. In DRL, a DNN-based policy decides to take an action based on the observation of the environment and gets the reward in feedback for its improvements. We perturb that observation to attack the DRL agent. There are two main aspects to developing an attack on DRL. One aspect is to identify an optimal time to attack (when-to-attack?). The second aspect is to identify an eﬀicient method to attack (how-to-attack?). To answer the second aspect, we propose a suite of novel DRL adversarial attacks, called ACADIA, representing AttaCks Against Deep reInforcement leArning. We consider two well-known DRL algorithms, Deep-Q Learning Network (DQN) and Proximal Policy Optimization (PPO), under DRL environments of Atari games and MuJoCo where both targeted and non-targeted attacks are considered with or without state-of-the-art defenses. Our results demonstrate that the proposed ACADIA outperforms state-of-the-art perturbation methods under a wide range of experimental settings. ACADIA is nine times faster than the state-of-the-art Carlini and Wagner (CW) method with better performance under the defenses of DRL. Secure AI Deep Reinforcement Learning Adversarial Learning Adversarial Attacks
107	Key Management Techniques for Dynamic Secure Multicasting Koneni, Madhu 21 July 2003 (has links) Most of the Internet applications today require multicasting. For example, software updates, multimedia content distribution, interacting gaming and stock data distribution require multicast services. All of these applications require privacy and authenticity of the participants. Most of the multicasting groups are dynamic and some of them are large in number. Only those users who belong to the multicasting group should receive the information and be able to decrypt it. New users joining the group should receive information immediately but should not understand the information that was released prior to their joining. Similarly, if users leave the group, they should not receive any further information and should not be able to decrypt it. Keys need to be distributed to the users belonging to the current session and hence some kind of key management is required. Existing schemes for secure multicasting are limited to small and static groups. To allow large and dynamic groups to use the services of multicasting, some protocols have been developed: Multicast Trees, Spanning Tree, Centralized Tree-Based Key Management, Flat-key Management and Distributed Key Management. Some of these schemes are better than others with respect to the speed, memory consumption, and amount of communication needed to distribute the keys. All these schemes are limited in performance with respect to the speed, memory consumption, and amount of communication needed in distributing the keys. In this thesis, a number of public and private key algorithms and key management techniques for secure and dynamic multicasting are studied and analyzed. The thesis is focused on the secure lock method developed by Chiou and Chen, using the Chinese Remainder Theorem. The protocol is implemented for a small group of users and its performance is studied. While, the secure lock method works well for a small group of users and the performance is degraded when the group grows in size. A protocol is proposed for a large and dynamic group, based on the idea of the Chinese Remainder Theorem. A performance study is carried out by comparing our proposed protocol with the existing multicasting protocols. The analysis shows that the proposed protocol works well for large and dynamic groups and gives significantly better performance. / Master of Science Key Management Dynamic Secure Multicasting Chinese Remainder Theorem
108	Implementation of DPA-Resistant Circuit for FPGA Yu, Pengyuan 16 May 2007 (has links) In current Field-Programmable-Logic Architecture (FPGA) design flows, it is very hard to control the routing of submodules. It is thus very hard to make an identical copy of an existing circuit within the same FPGA fabric. We have solved this problem in a way that still enables us to modify the logic function of the copied submodule. Our technique has important applications in the design of side-channel resistant implementations in FPGA. Starting from an existing single-ended design, we are able to create a complementary circuit. The resulting overall circuit strongly reduces the power-consumption-dependent information leaks. We will show all the necessary steps needed to implement secure circuits on a FPGA, from initial design stage all the way to verification of the level of security through laboratory measurements. We show that the direct mapping of a secure ASIC circuit-style in an FPGA does not preserve the same level of security, unless our symmetrical routing technique is employed. We demonstrate our approach on an FPGA prototype of a cryptographic design, and show through power-measurements followed by side-channel power analysis that secure logic implemented with our approach is resistant whereas non-routing-aware directly mapped circuit can be successfully attacked. / Master of Science Differential Power Analysis Secure Circuit Field programmable gate arrays
109	Secure Communication Networks for Connected Vehicles Mahadevegowda, Spandan 17 January 2023 (has links) With the advent of electric vehicles (EVs) and the proliferation of vehicle technologies like drive-by-wire and autonomous driving, advanced communication protocols to connect vehicles and the infrastructure have been proposed. However, practical large-scale deployments have been hindered due to caveats such as hardware, and infrastructure demands — including the security of vehicles, given their ubiquitous nature and direct correlation to human safety. As part of this thesis, we look at deploying a practical solution to adopt a secure large-scale vehicle-to-everything (V2X) communication architecture. Then, we also try to analyze and detect vulnerabilities in vehicle-to-grid communication for electric vehicles. In the first work, we analyze, build a proof of concept and evaluate the use of commercial off-the-shelf (COTS) smartphones as secure cellular-vehicle-to-everything (CV2X) radios. Here, we study the various possible network topologies considering the long-term evolution (LTE) technology with necessary latency requirements considering security and the associated overhead. We further simulate the proposed method by considering real-world scalability for practical deployment. In the second work, we analyze the ISO15118 standard for EV-to-electric grid communication involving high levels of energy exchange. We develop a grammatical fuzzing architecture to assess and evaluate the implementation of the standard on a road-deployed vehicle to detect security vulnerabilities and shortcomings. / Master of Science / The technology around vehicles and the transportation infrastructure has immensely advanced in the last few decades. Today we have advanced technologies like driver assistance, automated driving, and access to multimedia within our vehicles. And deploying such technologies has only been possible due to advancements in the electronics embedded in the vehicles and surrounding infrastructure. Opportunely, we can further improve the technologies to include numerous safety features by connecting vehicles and infrastructure via communication networks. However, this poses immense challenges regarding the scaling of communication infrastructure for the timely exchange of data and its security. But, given the proliferation of cellular technology, the ubiquitous nature of smartphones, and their capabilities, we propose and evaluate the idea of using commercial off-the-shelf (COTS) smartphones to connect vehicles and the infrastructure to exchange data securely. The first work of this thesis details the analysis and evaluation of the system and the network for a secure COTS-based cellular-vehicle-to-everything architecture, including a proof of concept hardware implementation and additional simulations. Additionally, in light of climate policies and cleaner transportation alternatives, we are moving from gasoline-based internal combustion engines to electric vehicles, requiring the transfer of extended amounts of electric energy from the electric grid to the batteries in the vehicles. In light of the same, ISO 15118 standard was developed to reduce repetitive efforts and standardize the communication and exchange of this energy. But as with any new technology, especially involving communication, new attack vectors for malicious entities open up. Therefore, we study this new standard and develop a novel fuzzing architecture to test the implementation of the standard on deployed real-world vehicles for security vulnerabilities and robustness. Again, as this is a nascent technology and standard, a fuzzing approach would accelerate the detection of edge cases and threats before these are exploited to cause harm to human life and property. CV2X V2G Connected Vehicles Secure Networks Trusted Execution
110	Constant Lower Bounds on the Cryptographic Security of Quantum Two-Party Computations Osborn, Sarah Anne 24 May 2022 (has links) In this thesis, we generate a lower bound on the security of quantum protocols for secure function evaluation. Central to our proof is the concept of gentle measurements of quantum states, which do not greatly disturb a quantum state if a certain outcome is obtained with high probability. We show how a cheating party can leverage gentle measurements to learn more information than should be allowable. To quantify our lower bound, we reduce a specific cryptographic task known as die-rolling to secure function evaluation and use the concept of gentle measurements to relate their security notions. Our lower bound is then obtained using a known security bound for die-rolling known as Kitaev's bound. Due to the generality of secure function evaluation, we are able to apply this lower bound to obtain lower bounds on the security of quantum protocols for many quantum tasks. In particular, we provide lower bounds for oblivious transfer, XOR oblivious transfer, the equality function, the inner product function, Yao's millionaires' problem, and the secret phrase problem. Note that many of these lower bounds are the first of their kind, which is a testament to the utility of our lower bound. As a consequence, these bounds prove that unconditional security for quantum protocols is impossible for these applications, and since these are constant lower bounds, this rules out any form of boosting toward perfect security. Our work lends itself to future research on designing optimal protocols for the above listed tasks, and potentially others, by providing constant lower bounds to approximate or improve. / Master of Science / Quantifying the cryptographic security of quantum applications is the focus of much research in the quantum cryptography discipline. Quantum protocols might have better security than their classical counterparts, and this advantage might make the adoption of quantum cryptographic protocols a viable option. In this thesis, we introduce a method for generating constant lower bounds on the security of a variety of quantum applications. This is accomplished through finding a lower bound on the security of a protocol that is general, and by virtue of its generality, can be scoped to quantum applications such that the lower bound can be applied, and constant lower bounds generated for these applications. The significance of the work in this thesis is that many of the constant lower bounds presented are the first of their kind for these quantum applications, thus proving the impossibility of them having unconditional security. This also proves that one cannot asymptotically boost towards perfect security in these quantum tasks by any means. These constant lower bounds also provide a foundation for future work in the study of these quantum applications, specifically in the search for upper and lower bounds on their cryptographic security, as well as in the search for protocols that approximate these bounds. Quantum Computation Quantum Cryptography Lower Bounds Secure Function Evaluation

Search results