Spelling suggestions: "subject:"2security anda privacy"" "subject:"2security anda rivacy""
1 |
Realistic, Efficient and Secure Geographic Routing in Vehicular NetworksZhang, Lei 10 March 2015 (has links)
It is believed that the next few decades will witness the booming development of the Internet of Things (IoT). Vehicular network, as a significant component of IoT, has attracted lots of attention from both academia and industry in recent years. In the field of vehicular networks, Vehicular Ad hoc NETwork (VANET) is one of the hottest topics investigated. This dissertation focuses on VANET geocast, which is a special form of multicast in VANET. In geocast, messages are delivered to a group of destinations in the network identified by their geographic locations. Geocast has many promising applications, i.e., geographic messaging, geographic advertising and other location-based services. Two phases are usually considered in the geocast process: phase one, message delivery from the message source to the destination area by geographic routing; phase two, message broadcast within the destination area.
This dissertation covers topics in the two phases of geocast in urban VANETs, where for phase one, a data-driven geographic routing scheme and a security and privacy preserving framework are presented; and for phase two, the networking connectivity is analyzed and studied. The contributions of this dissertation are three-fold.
First, from a real-world data trace study, this dissertation studies the city taxi- cab mobility. It proposes a mobility-contact-aware geocast scheme (GeoMobCon)for metropolitan-scale urban VANETs. The proposed scheme employs the node mobility (two levels, i.e., macroscopic and microscopic mobilities) and contact history information. A buffer management scheme is also introduced to further improve the performance.
Second, this dissertation investigates the connectivity of the message broadcast in urban scenarios. It models the message broadcast in urban VANETs as the directed connectivity problem on 2D square lattices and proposes an algorithm to derive the exact analytical solution. The approach is also applied to urban VANET scenarios, where both homogeneous and heterogeneous vehicle density cases are considered.
Third, this work focuses on the security and privacy perspectives of the opportunistic routing, which is the main technique utilized by the proposed geographic routing scheme. It proposes a secure and privacy preserving framework for the general opportunistic-based routing. A comprehensive evaluation of the framework is also provided.
In summary, this dissertation focuses on a few important aspects of the two phases of VANET geocast in urban scenarios. It shows that the vehicle mobility and contact information can be utilized to improve the geographic routing performance for large- scale VANET systems. Targeting at the opportunistic routing, a security and privacy preserving framework is proposed to preserve the confidentiality of the routing metric information for the privacy purpose, and it also helps to achieve the anonymous authentication and efficient key agreement for security purposes. On the other hand, the network connectivity for the message broadcast in urban scenarios is studied quantitatively with the proposed solution, which enables us to have a better understanding of the connectivity itself and its impact factors (e.g., bond probability and network scale). / Graduate
|
2 |
Privacy Preserving Information Sharing in Modern and Emerging PlatformsTian, Yuan 01 May 2018 (has links)
Users share a large amount of information with modern platforms such as web platforms and social platforms for various services. However, they face the risk of information leakage because modern platforms still lack proper security policies. Existing security policies, such as permission systems and isolation, can help regulate information sharing. However, these policies have problems, such as coarse granularity, bad usability, and incompleteness, especially when new features are introduced. I investigate the security impacts of new features in web and mobile platforms and find design problems that lead to user information leakage. Based on these analyses, I propose design principles for permission systems that mediate how information should be shared in modern and emerging platforms, such as web and social platforms, to provide functionality with privacy preserved. I aim to design permission systems that only allow least-privilege information access. Specifically, I utilize program analysis and natural language processing to understand how applications use sensitive data and correlate these data with their functionality. With this understanding, I design schemes that ask for user consent about unexpected information access and automatically reduce overprivileged access. I provide guidelines for platform designers to build their permission systems according to respective adversary models and resources. In particular, I implement the new permission system for social platforms and Internet of Things (IoT) platforms that enable least-privilege information sharing. For the social platforms, I incorporate the primitives of Opaque handle, Opaque display, and User-driven access control (OOU) to design a least-privilege, user-friendly, developer-friendly, and feature-rich permission system. According to my study on Facebook, OOU can be applied to remove or replace 81.2% of sensitive permission instances without affecting functionality. For IoT platforms, I present a new authorization framework, SmartAuth, that supports user-centric, semantic-based authorization. SmartAuth automatically collects security-relevant information from an IoT application’s description, code, and annotations, and generates an authorization user interface to bridge the gap between the functionalities explained to the user and the operations the application actually performs.
|
3 |
Security and Privacy Preservation in Vehicular Social NetworksLu, Rongxing January 2012 (has links)
Improving road safety and traffic efficiency has been a long-term endeavor for the government, automobile industry and academia. Recently, the U.S. Federal Communication Commission (FCC) has allocated a 75 MHz spectrum at 5.9 GHz for vehicular communications, opening a new door to combat the road fatalities by letting vehicles communicate to each other on the roads. Those communicating vehicles form a huge Ad Hoc Network, namely Vehicular Ad Hoc Network (VANET). In VANETs, a variety of applications ranging from the safety related (e.g. emergence report, collision warning) to the non-safety related (e.g., delay tolerant network, infortainment sharing) are enabled by vehicle-to-vehicle (V-2-V) and vehicle-to-roadside (V-2-I) communications. However, the flourish of VANETs still hinges on fully understanding and managing the challenging issues over which the public show concern, particularly, security and privacy preservation issues. If the traffic related messages are not authenticated and integrity-protected in VANETs, a single bogus and/or malicious message can potentially incur a terrible traffic accident. In addition, considering VANET is usually implemented in civilian scenarios where locations of vehicles are closely related to drivers, VANET cannot be widely accepted by the public if VANET discloses the privacy information of the drivers, i.e., identity privacy and location privacy. Therefore, security and privacy preservation must be well addressed prior to its wide acceptance. Over the past years, much research has been done on considering VANET's unique characteristics and addressed some security and privacy issues in VANETs; however, little of it has taken the social characteristics of VANET into consideration. In VANETs, vehicles are usually driven in a city environment, and thus we can envision that the mobility of vehicles directly reflects drivers' social preferences and daily tasks, for example, the places where they usually go for shopping or work. Due to these human factors in VANETs, not only the safety related applications but also the non-safety related applications will have some social characteristics.
In this thesis, we emphasize VANET's social characteristics and introduce the concept of vehicular social network (VSN), where both the safety and non-safety related applications in VANETs are influenced by human factors including human mobility, human self-interest status, and human preferences. In particular, we carry on research on vehicular delay tolerant networks and infotainment sharing --- two important non-safety related applications of VSN, and address the challenging security and privacy issues related to them. The main contributions are, i) taking the human mobility into consideration, we first propose a novel social based privacy-preserving packet forwarding protocol, called SPRING, for vehicular delay tolerant network, which is characterized by deploying roadside units (RSUs) at high social intersections to assist in packet forwarding. With the help of high-social RSUs, the probability of packet drop is dramatically reduced and as a result high reliability of packet forwarding in vehicular delay tolerant network can be achieved. In addition, the SPRING protocol also achieves conditional privacy preservation and resist most attacks facing vehicular delay tolerant network, such as packet analysis attack, packet tracing attack, and black (grey) hole attacks. Furthermore, based on the ``Sacrificing the Plum Tree for the Peach Tree" --- one of the Thirty-Six Strategies of Ancient China, we also propose a socialspot-based packet forwarding (SPF) protocol for protecting receiver-location privacy, and present an effective pseudonyms changing at social spots strategy, called PCS, to facilitate vehicles to achieve high-level location privacy in vehicular social network; ii) to protect the human factor --- interest preference privacy in vehicular social networks, we propose an efficient privacy-preserving protocol, called FLIP, for vehicles to find like-mined ones on the road, which allows two vehicles sharing the common interest to identify each other and establish a shared session key, and at the same time, protects their interest privacy (IP) from other vehicles who do not share the same interest on the road. To generalize the FLIP protocol, we also propose a lightweight privacy-preserving scalar product computation (PPSPC) protocol, which, compared with the previously reported PPSPC protocols, is more efficient in terms of computation and communication overheads; and iii) to deal with the human factor -- self-interest issue in vehicular delay tolerant network, we propose a practical incentive protocol, called Pi, to stimulate self-interest vehicles to cooperate in forwarding bundle packets. Through the adoption of the proper incentive policies, the proposed Pi protocol can not only improve the whole vehicle delay tolerant network's performance in terms of high delivery ratio and low average delay, but also achieve the fairness among vehicles.
The research results of the thesis should be useful to the implementation of secure and privacy-preserving vehicular social networks.
|
4 |
Empowering bystanders to facilitate Internet censorship measurement and circumventionBurnett, Samuel Read 27 August 2014 (has links)
Free and open exchange of information on the Internet is at risk: more than 60 countries practice some form of Internet censorship, and both the number of countries practicing censorship and the proportion of Internet users who are subject to it are on the rise. Understanding and mitigating these threats to Internet freedom is a continuous technological arms race with many of the most influential governments and corporations.
By its very nature, Internet censorship varies drastically from region to region, which has impeded nearly all efforts to observe and fight it on a global scale. Researchers and developers in one country may find it very difficult to study censorship in another; this is particularly true for those in North America and Europe attempting to study notoriously pervasive censorship in Asia and the Middle East.
This dissertation develops techniques and systems that empower users in one country, or bystanders, to assist in the measurement and circumvention of Internet censorship in another. Our work builds from the observation that there are people everywhere who are willing to help us if only they knew how. First, we develop Encore, which allows webmasters to help study Web censorship by collecting measurements from their sites' visitors. Encore leverages weaknesses in cross-origin security policy to collect measurements from a far more diverse set of vantage points than previously possible. Second, we build Collage, a technique that uses the pervasiveness and scalability of user-generated content to disseminate censored content. Collage's novel communication model is robust against censorship that is significantly more powerful than governments use today. Together, Encore and Collage help people everywhere study and circumvent Internet censorship.
|
5 |
Security and Privacy Preservation in Vehicular Social NetworksLu, Rongxing January 2012 (has links)
Improving road safety and traffic efficiency has been a long-term endeavor for the government, automobile industry and academia. Recently, the U.S. Federal Communication Commission (FCC) has allocated a 75 MHz spectrum at 5.9 GHz for vehicular communications, opening a new door to combat the road fatalities by letting vehicles communicate to each other on the roads. Those communicating vehicles form a huge Ad Hoc Network, namely Vehicular Ad Hoc Network (VANET). In VANETs, a variety of applications ranging from the safety related (e.g. emergence report, collision warning) to the non-safety related (e.g., delay tolerant network, infortainment sharing) are enabled by vehicle-to-vehicle (V-2-V) and vehicle-to-roadside (V-2-I) communications. However, the flourish of VANETs still hinges on fully understanding and managing the challenging issues over which the public show concern, particularly, security and privacy preservation issues. If the traffic related messages are not authenticated and integrity-protected in VANETs, a single bogus and/or malicious message can potentially incur a terrible traffic accident. In addition, considering VANET is usually implemented in civilian scenarios where locations of vehicles are closely related to drivers, VANET cannot be widely accepted by the public if VANET discloses the privacy information of the drivers, i.e., identity privacy and location privacy. Therefore, security and privacy preservation must be well addressed prior to its wide acceptance. Over the past years, much research has been done on considering VANET's unique characteristics and addressed some security and privacy issues in VANETs; however, little of it has taken the social characteristics of VANET into consideration. In VANETs, vehicles are usually driven in a city environment, and thus we can envision that the mobility of vehicles directly reflects drivers' social preferences and daily tasks, for example, the places where they usually go for shopping or work. Due to these human factors in VANETs, not only the safety related applications but also the non-safety related applications will have some social characteristics.
In this thesis, we emphasize VANET's social characteristics and introduce the concept of vehicular social network (VSN), where both the safety and non-safety related applications in VANETs are influenced by human factors including human mobility, human self-interest status, and human preferences. In particular, we carry on research on vehicular delay tolerant networks and infotainment sharing --- two important non-safety related applications of VSN, and address the challenging security and privacy issues related to them. The main contributions are, i) taking the human mobility into consideration, we first propose a novel social based privacy-preserving packet forwarding protocol, called SPRING, for vehicular delay tolerant network, which is characterized by deploying roadside units (RSUs) at high social intersections to assist in packet forwarding. With the help of high-social RSUs, the probability of packet drop is dramatically reduced and as a result high reliability of packet forwarding in vehicular delay tolerant network can be achieved. In addition, the SPRING protocol also achieves conditional privacy preservation and resist most attacks facing vehicular delay tolerant network, such as packet analysis attack, packet tracing attack, and black (grey) hole attacks. Furthermore, based on the ``Sacrificing the Plum Tree for the Peach Tree" --- one of the Thirty-Six Strategies of Ancient China, we also propose a socialspot-based packet forwarding (SPF) protocol for protecting receiver-location privacy, and present an effective pseudonyms changing at social spots strategy, called PCS, to facilitate vehicles to achieve high-level location privacy in vehicular social network; ii) to protect the human factor --- interest preference privacy in vehicular social networks, we propose an efficient privacy-preserving protocol, called FLIP, for vehicles to find like-mined ones on the road, which allows two vehicles sharing the common interest to identify each other and establish a shared session key, and at the same time, protects their interest privacy (IP) from other vehicles who do not share the same interest on the road. To generalize the FLIP protocol, we also propose a lightweight privacy-preserving scalar product computation (PPSPC) protocol, which, compared with the previously reported PPSPC protocols, is more efficient in terms of computation and communication overheads; and iii) to deal with the human factor -- self-interest issue in vehicular delay tolerant network, we propose a practical incentive protocol, called Pi, to stimulate self-interest vehicles to cooperate in forwarding bundle packets. Through the adoption of the proper incentive policies, the proposed Pi protocol can not only improve the whole vehicle delay tolerant network's performance in terms of high delivery ratio and low average delay, but also achieve the fairness among vehicles.
The research results of the thesis should be useful to the implementation of secure and privacy-preserving vehicular social networks.
|
6 |
Evaluating the security of anonymized big graph/structural dataJi, Shouling 27 May 2016 (has links)
We studied the security of anonymized big graph data. Our main contributions include: new De-Anonymization (DA) attacks, comprehensive anonymity, utility, and de-anonymizability quantifications, and a secure graph data publishing/sharing system SecGraph. New DA Attacks. We present two novel graph DA frameworks: cold start single-phase Optimization-based DA (ODA) and De-anonymizing Social-Attribute Graphs (De-SAG). Unlike existing seed-based DA attacks, ODA does not priori knowledge. In addition, ODA’s DA results can facilitate existing DA attacks by providing more seed information. De-SAG is the first attack that takes into account both graph structure and attribute information. Through extensive evaluations leveraging real world graph data, we validated the performance of both ODA and De-SAG. Graph Anonymity, Utility, and De-anonymizability Quantifications. We developed new techniques that enable comprehensive graph data anonymity, utility, and de-anonymizability evaluation. First, we proposed the first seed-free graph de-anonymizability quantification framework under a general data model which provides the theoretical foundation for seed-free SDA attacks. Second, we conducted the first seed-based quantification on the perfect and partial de-anonymizability of graph data. Our quantification closes the gap between seed-based DA practice and theory. Third, we conducted the first attribute-based anonymity analysis for Social-Attribute Graph (SAG) data. Our attribute-based anonymity analysis together with existing structure-based de-anonymizability quantifications provide data owners and researchers a more complete understanding of the privacy of graph data. Fourth, we conducted the first graph Anonymity-Utility-De-anonymity (AUD) correlation quantification and provided close-forms to explicitly demonstrate such correlation. Finally, based on our quantifications, we conducted large-scale evaluations leveraging 100+ real world graph datasets generated by various computer systems and services. Using the evaluations, we demonstrated the datasets’ anonymity, utility, and de-anonymizability, as well as the significance and validity of our quantifications. SecGraph. We designed, implemented, and evaluated the first uniform and open-source Secure Graph data publishing/sharing (SecGraph) system. SecGraph enables data owners and researchers to conduct accurate comparative studies of anonymization/DA techniques, and to comprehensively understand the resistance/vulnerability of existing or newly developed anonymization techniques, the effectiveness of existing or newly developed DA attacks, and graph and application utilities of anonymized data.
|
7 |
Secure and Authenticated Message Dissemination in Vehicular ad hoc Networks and an Incentive-Based Architecture for Vehicular CloudLim, Kiho 01 January 2016 (has links)
Vehicular ad hoc Networks (VANETs) allow vehicles to form a self-organized network. VANETs are likely to be widely deployed in the future, given the interest shown by industry in self-driving cars and satisfying their customers various interests. Problems related to Mobile ad hoc Networks (MANETs) such as routing, security, etc.have been extensively studied. Even though VANETs are special type of MANETs, solutions proposed for MANETs cannot be directly applied to VANETs because all problems related to MANETs have been studied for small networks. Moreover, in MANETs, nodes can move randomly. On the other hand, movement of nodes in VANETs are constrained to roads and the number of nodes in VANETs is large and covers typically large area. The following are the contributions of the thesis.
Secure, authenticated, privacy preserving message dissemination in VANETs: When vehicles in VANET observe phenomena such as accidents, icy road condition, etc., they need to disseminate this information to vehicles in appropriate areas so the drivers of those vehicles can take appropriate action. When such messages are disseminated, the authenticity of the vehicles disseminating such messages should be verified while at the same time the anonymity of the vehicles should be preserved. Moreover, to punish the vehicles spreading malicious messages, authorities should be able to trace such messages to their senders when necessary. For this, we present an efficient protocol for the dissemination of authenticated messages.
Incentive-based architecture for vehicular cloud: Due to the advantages such as exibility and availability, interest in cloud computing has gained lot of attention in recent years. Allowing vehicles in VANETs to store the collected information in the cloud would facilitate other vehicles to retrieve this information when they need. In this thesis, we present a secure incentive-based architecture for vehicular cloud. Our architecture allows vehicles to collect and store information in the cloud; it also provides a mechanism for rewarding vehicles that contributing to the cloud.
Privacy preserving message dissemination in VANETs: Sometimes, it is sufficient to ensure the anonymity of the vehicles disseminating messages in VANETs. We present a privacy preserving message dissemination protocol for VANETs.
|
8 |
Security and privacy in perceptual computingJana, Suman 18 September 2014 (has links)
Perceptual, "context-aware" applications that observe their environment and interact with users via cameras and other sensors are becoming ubiquitous on personal computers, mobile phones, gaming platforms, household robots, and augmented-reality devices. This dissertation's main thesis is that perceptual applications present several new classes of security and privacy risks to both their users and the bystanders. Existing perceptual platforms are often completely inadequate for mitigating these risks. For example, we show that the augmented reality browsers, a class of popular perceptual platforms, contain numerous inherent security and privacy flaws. The key insight of this dissertation is that perceptual platforms can provide stronger security and privacy guarantees by controlling the interfaces they expose to the applications. We explore three different approaches that perceptual platforms can use to minimize the risks of perceptual computing: (i) redesigning the perceptual platform interfaces to provide a fine-grained permission system that allows least-privileged application development; (ii) leveraging existing perceptual interfaces to enforce access control on perceptual data, apply algorithmic privacy transforms to reduce the amount of sensitive content sent to the applications, and enable the users to audit/control the amount of perceptual data that reaches each application; and (iii) monitoring the applications' usage of perceptual interfaces to find anomalous high-risk cases. To demonstrate the efficacy of our approaches, first, we build a prototype perceptual platform that supports fine-grained privileges by redesigning the perceptual interfaces. We show that such a platform not only allows creation of least-privileged perceptual applications but also can improve performance by minimizing the overheads of executing multiple concurrent applications. Next, we build DARKLY, a security and privacy-aware perceptual platform that leverages existing perceptual interfaces to deploy several different security and privacy protection mechanisms: access control, algorithmic privacy transforms, and user audit. We find that DARKLY can run most existing perceptual applications with minimal changes while still providing strong security and privacy protection. Finally, We introduce peer group analysis, a new technique that detects anomalous high-risk perceptual interface usages by creating peer groups with software providing similar functionality and comparing each application's perceptual interface usages against those of its peers. We demonstrate that such peer groups can be created by leveraging information already available in software markets like textual descriptions and categories of applications, list of related applications, etc. Such automated detection of high-risk applications is essential for creating a safer perceptual ecosystem as it helps the users in identifying and installing safer applications with any desired functionality and encourages the application developers to follow the principle of least privilege. / text
|
9 |
Security awareness of computer users : a game based learning approachGamagedara Arachchilage, Nalin Asanka January 2012 (has links)
The research reported in this thesis focuses on developing a framework for game design to protect computer users against phishing attacks. A comprehensive literature review was conducted to understand the research domain, support the proposed research work and identify the research gap to fulfil the contribution to knowledge. Two studies and one theoretical design were carried out to achieve the aim of this research reported in this thesis. A quantitative approach was used in the first study while engaging both quantitative and qualitative approaches in the second study. The first study reported in this thesis was focused to investigate the key elements that should be addressed in the game design framework to avoid phishing attacks. The proposed game design framework was aimed to enhance the user avoidance behaviour through motivation to thwart phishing attack. The results of this study revealed that perceived threat, safeguard effectiveness, safeguard cost, self-efficacy, perceived severity and perceived susceptibility elements should be incorporated into the game design framework for computer users to avoid phishing attacks through their motivation. The theoretical design approach was focused on designing a mobile game to educate computer users against phishing attacks. The elements of the framework were addressed in the mobile game design context. The main objective of the proposed mobile game design was to teach users how to identify phishing website addresses (URLs), which is one of many ways of identifying a phishing attack. The mobile game prototype was developed using MIT App inventor emulator. In the second study, the formulated game design framework was evaluated through the deployed mobile game prototype on a HTC One X touch screen smart phone. Then a discussion is reported in this thesis investigating the effectiveness of the developed mobile game prototype compared to traditional online learning to thwart phishing threats. Finally, the research reported in this thesis found that the mobile game is somewhat effective in enhancing the user’s phishing awareness. It also revealed that the participants who played the mobile game were better able to identify fraudulent websites compared to the participants who read the website without any training. Therefore, the research reported in this thesis determined that perceived threat, safeguard effectiveness, safeguard cost, self-efficacy, perceived threat and perceived susceptibility elements have a significant impact on avoidance behaviour through motivation to thwart phishing attacks as addressed in the game design framework.
|
10 |
An empirical case study on Stack Overflow to explore developers’ security challengesRahman, Muhammad Sajidur January 1900 (has links)
Master of Science / Department of Computing and Information Sciences / Eugene Vasserman / The unprecedented growth of ubiquitous computing infrastructure has brought new challenges for security, privacy, and trust. New problems range from mobile apps with incomprehensible permission (trust) model to OpenSSL Heartbleed vulnerability, which disrupted the security of a large fraction of the world's web servers. As almost all of the software bugs and flaws boil down to programming errors/misalignment in requirements, we need to retrace back Software Development Life Cycle (SDLC) and supply chain to check and place security & privacy consideration and implementation plan properly.
Historically, there has been a divergent point of view between security teams and developers regarding security. Security is often thought of as a "consideration" or "toll gate" within the project plan rather than being built in from the early stage of project planning, development and production cycles. We argue that security can be effectively made into everyone's business in SDLC through a broader exploration of the users and their social-cultural contexts, gaining insight into their mental models of security and privacy and usage patterns of technology, trying to see why and how security practices being satisfied or not-satisfied, then transferring those observations into new tool building and protocol/interaction design.
The overall goal in our current study is to understand the common challenges and/or misconceptions regarding security-related issues among developers. In order to investigate into this issue, we conduct a mixed-method analysis on the data obtained from Stack Overflow(SO), one of the most popular on-line QA sites for software developer community to communicate, collaborate, and share information with one another. In this study, we have adopted techniques from mining software repositories research paradigm and have employed topic modeling for analyzing security-related topics in SO dataset. To our knowledge, our work in SO data mining is one of the earliest systematic attempts to understand the roots of challenges, misconceptions, and deterrent factors, if any, among developers while they try to implement security features during software development. We argue that a proper understanding of these issues is a necessary first step towards "build security in" culture in SDLC.
|
Page generated in 0.1571 seconds