International Journal of Security and Its Applications

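Publication information
  • Material type
    Academic journal
  • Publisher
    Science & Engineering Research Support Center, Republic of Korea (IJSIA)
  • pISSN
    1738-9976
  • Frequency
    Bimonthly
  • Coverage period
    2008 ~ 2016
  • Indexing
    SCOPUS
  • Subject classification
    Engineering > Computer Science
  • Decimal classification
    KDC 505 DDC 605
Vol.7 No.2 (15 articles)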
No
1

A Novel Relational Database Watermarking Algorithm Based on Clustering and Polar Angle Expansion

Zhiyong Li, Junmin Liu, Weicheng Tao

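Science & Engineering Research Support Center (IJSIA), International Journal of Security and Its Applications Vol.7 No.2 2013.03 pp.1-14

※ Access to the full text may be restricted because the agreement period with the original-text provider has ended.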

Digital watermarking has been widely applied to relational databases for ownership protection and information hiding. But robustness and reversibility are two key challenges due to the frequent database maintaining operators on those tuples. This paper proposes a novel relational database watermarking scheme based on a fast and stable clustering method on database tuples, which adopts Mahalanobis distance as the similarity measurement. Before the process of watermark embedding and detecting, the database tuples are adaptively clustered into groups according to the length of binary watermark. Moreover, the watermark segments are respectively embedded into or detected from those groups according to the numeric field's Lowest Significant Bit (LSB) and polar angle expansion. The majority decision strategy is used to determine the value of watermark bit in blind detection process. The experimental results indicate that the proposed watermarking scheme has higher robustness and reversibility under blind detection against the database maintaining operators.

2

TCLOUD: A Multi – Factor Access Control Framework for Cloud Computing

Sultan Ullah, Zheng Xuefeng, Zhou Feng

Science & Engineering Research Support Center (IJSIA), International Journal of Security and Its Applications Vol.7 No.2 2013.03 pp.15-26

The countless advantages of cloud computing have brought a massive change to the lifestyle and the way to cope with the world today, yet the cloud has to reach maturity. However, the main barrier to its widespread adoption is the security and privacy issues. In order to create and maintain mutual trust among the customers and the cloud service providers, a well-defined trust foundation should be implemented. The data is stored in the cloud remotely by an individual customer or an organization, so they lose control over the data, thus creating a security dilemma. The most challenging and hot research area in cloud computing nowadays is data security and access control. An effective measure to protect cloud computing resources and services in the start is to implement an access control mechanism. In this paper the features of various access control mechanisms are discussed and a novel framework of access control is proposed for cloud computing, which provides a multi-step and multifactor authentication of a user. The model proposed is a well-organized and provably secure solution of access control for externally hosted applications.

3

E-LPG: Energy Efficient Location Privacy Scheme Against Global Attackers in Sensor Networks

Sejun Song, Hyungbae Park, Baek-Young Choi

Science & Engineering Research Support Center (IJSIA), International Journal of Security and Its Applications Vol.7 No.2 2013.03 pp.27-46

Many sensor network security schemes protect the content of messages, while the contextual information is left vulnerable by disclosing the location of the monitored objects. Preserving location privacy is important and one of the most challenging issues in many mission critical sensor network applications. Prior solutions are mostly designed to protect privacy from local attackers who eavesdrop on traffic in a small region at a time. However, they can be easily defeated by highly motivated global attackers that can trace the entire network’s communication events. Although a few recent privacy solutions are proposed against global attackers, they suffer from significant communication overhead as they inject dummy traffic or send messages in a globally synchronized manner. As a result, they consume a lot of energy to maintain a desired privacy level that makes the network lifetime shorter. We propose an energy-efficient source location privacy preserving solution, named the Energy Efficient Location Privacy Scheme against global attackers (E-LPG). E-LPG hides original source locations through a spatial scatter of messages using stealthy wormholes and through a temporal scatter using random delays when permitted. With a limited number of wormholes, E-LPG can achieve a high privacy level without incurring extra communication overhead. We evaluated the efficiency and effectiveness of E-LPG through theoretical analysis and extensive simulations. We have shown that E-LPG also produces dramatic synergistic results when used with other privacy schemes complementarily.

4

Cryptanalysis of Server-Aided Password-Based Authenticated Key Exchange Protocols

Junghyun Nam, Kim-Kwang Raymond Choo, Juryon Paik, Dongho Won

Science & Engineering Research Support Center (IJSIA), International Journal of Security and Its Applications Vol.7 No.2 2013.03 pp.47-58

Protocols for password-based authenticated key exchange (PAKE) enable two or more parties communicating over a public network to build a secure communication channel using their easy-to-remember passwords. However, off-line dictionary attacks have always been a major security concern in designing such password-based protocols. Compared with the two-party setting, the concern is significantly increased in the three-party setting where insider attacks may be mounted. In this paper, we identified an inherent flaw in the design of Nam et al.’s three-party PAKE protocol (IEEE Communications Letters, 13(3), 2009) and Lu and Cao’s protocol (Computers & Security, 26(1), 2007) and demonstrated that both protocols are susceptible to a previously unpublished off-line dictionary attack. We hope that by identifying this design flaw, similar structural mistakes can be avoided in future design. We conclude the paper with a simple countermeasure.

5

An Empirical Study of Metric-Based Methods to Detect Obfuscated Code

Corrado Aaron Visaggio, Giuseppe Antonio Pagin, Gerardo Canfora

Science & Engineering Research Support Center (IJSIA), International Journal of Security and Its Applications Vol.7 No.2 2013.03 pp.59-74

Protecting data and applications from malware and other forms of malicious code has assumed a great relevance in the current era of pervasive web-based applications. Attackers often use code obfuscation to hide harmful programs from automatic detection. Several researchers have proposed methods to classify an unknown program as malicious or benign; however, little work has been done to identify obfuscated code. A promising approach to detect obfuscated code consists of using a set of metrics, collected by static analysis, to classify a program. In this paper we present an empirical evaluation of three text-based metrics to identify obfuscated code. Our experiment shows that the effectiveness of these metrics depends on the obfuscators: there are cases in which the metrics allow the proliferation of false positives (i.e., misclassification of clear code as obfuscated code), which is bothering but not dangerous, and cases where false negatives (i.e. misclassification of obfuscated as clear code) proliferate, which is definitely more dangerous. Based on our experiment, we propose a combination of these three metrics and show how this combination outperforms the individual metrics.

6

A Faster Cryptanalytic Time-Memory Tradeoff

Jung Woo Kim, Jungjoo Seo, Jin Hong, Kunsoo Park

Science & Engineering Research Support Center (IJSIA), International Journal of Security and Its Applications Vol.7 No.2 2013.03 pp.75-88

There has been extensive research on a cryptanalytic time-memory tradeoff over the past 30 years. Since Hellman’s work in 1980, some improved variants and techniques have been proposed, and the rainbow method is known as the best time-memory tradeoff. As for the memory size, however, the required number of bits per start point and end point was not explicitly considered in these works. With this in mind, we propose a new time-memory tradeoff and analyze the expected cryptanalysis time.

7

X-Policy: Knowledge-based Verification Tool for Dynamic Access Control Policies

Hasan Qunoo, Mark Ryan

Science & Engineering Research Support Center (IJSIA), International Journal of Security and Its Applications Vol.7 No.2 2013.03 pp.89-104

Verifying the correctness of large, complex and dynamic access control policies by hand is insufficient and error-prone. We present X-policy, a knowledge-based verification tool that can analyse the system's vulnerabilities where the attackers can act as a coalition of users, use the system, share knowledge and collaborate with each other to achieve the attack. We present a policy language that is able to express dynamic access control policies and a corresponding query language. We model the EasyChair conference management system and we analyse in detail three security properties of EasyChair using our model. Finally, we compare our results with similar tools and we discuss the results and the advantages of our tool and approach.

8

Study on A Secure Remote User Authentication Scheme Using Smart Cards

Jin Qiuyan, Kwangwoo Lee, Dongho Won

Science & Engineering Research Support Center (IJSIA), International Journal of Security and Its Applications Vol.7 No.2 2013.03 pp.105-116

A remote user authentication scheme is a way to authenticate the communication parties who transmit messages through an insecure channel. Researchers in this area have proposed some approaches during the last couple of decades. Unfortunately, most of them are proved to be insecure against various attacks. In 2009, Kim and Chung improved Yoon and Yoo’s scheme, and claimed that their scheme can prevent masquerading attack as well as resist other malicious attacks. However, we found that Kim and Chung’s scheme is still not secure enough, especially in preventing off-line password guessing attack. In this study, we proposed a more secure and practical remote user authentication scheme to resolve all of the aforementioned security vulnerabilities while preserving the merits of Kim-Chung’s scheme.

9

Classification of Symmetric Key Management Schemes for Wireless Sensor Networks

Suman Bala, Gaurav Sharma, Anil K. Verma

Science & Engineering Research Support Center (IJSIA), International Journal of Security and Its Applications Vol.7 No.2 2013.03 pp.117-138

A WSN is a collection of thousands of tiny sensor nodes, which have the capability of sensing, computing and transmitting the information in the network. Due to the low circuit design, it has some resource constraints but is efficient to carry the information through wireless communication. But the exchange of information in a secure manner is critical in WSN. There are many techniques developed in recent years for security purposes; one of the areas is key management. Key management is a challenging issue in sensor networks. In this paper we present the key management techniques for wireless sensor networks, and a classification is presented based on the encryption techniques.

10

On the Security of H2-MAC

Fanbao Liu, Tao Xie, Changxiang Shen

Science & Engineering Research Support Center (IJSIA), International Journal of Security and Its Applications Vol.7 No.2 2013.03 pp.139-148

H2-MAC was proposed by Yasuda to increase efficiency over hash-based message authentication code (HMAC) by omitting its outer key, and keep the advantages and security of HMAC at the same time. We propose an efficient method to break H2-MAC, by using a generalized birthday attack to recover the equivalent key, under the assumption that the underlying hash function is secure (collision resistance). We can successfully recover the equivalent key of H2-MAC instantiated with any Merkle-Damgard hash function in about $2^{n/2}$ on-line message authentication code (MAC) queries and $2^{n/2}$ off-line MAC computations with good probability. We argue that the pseudo random function-affix (PRF-AX) assumption of the origin security proof of H2-MAC, and we prove that the security of H2-MAC is dependent on the collision resistance of the underlying hash function, instead of the PRF assumption.

11

A New NUI Method for Hand Tracking and Gesture recognition Based on User Experience

Wenkai Xu, Eung-Joo Lee

Science & Engineering Research Support Center (IJSIA), International Journal of Security and Its Applications Vol.7 No.2 2013.03 pp.149-158

Human gesture recognition is a non-verbal part for interaction or movement that can be used to involve real world and virtual world. In this paper, we explain a study on natural user interface (NUI) in human gesture recognition using RGB color information and depth information by Kinect camera from Microsoft Corporation. To achieve the goal, hand tracking and gesture recognition have no major dependencies of the work environment, lighting or users’ skin color, libraries of particular use for natural interaction and Kinect device, which serves to provide RGB images of the environment and the depth map of the scene were used. An improved CamShift tracking algorithm combined with depth information is used to track hand motion, and then an associative method of HMM and FNN is proposed for the gesture recognition step. The experimental results show its good performance and it has higher stability and accuracy as well.

12

Efficient and Non-Interactive Hierarchical Key Agreement in WSNs

Hyunsung Kim

Science & Engineering Research Support Center (IJSIA), International Journal of Security and Its Applications Vol.7 No.2 2013.03 pp.159-170

Wireless sensor networks (WSNs) have many applications, vary in size, and are deployed in a wide variety of areas. They are often deployed in potentially adverse or even hostile environments so that there are concerns on security issues in these WSNs. Sensor nodes used are resource-constrained, which makes security applications a challenging problem. Key agreement is a fundamental security service in WSNs; it enables sensor nodes to communicate securely with each other using cryptographic techniques. However, due to the resource constraints on sensor nodes, it is infeasible to use traditional key management techniques such as public key cryptography and key distribution center. Recently, Guo et al. proposed an efficient and non-interactive hierarchical key agreement protocol applicable to mobile ad-hoc networks, which has good properties including non-interactive, hierarchical, resilient, etc. The purpose of this paper is to propose a non-interactive hierarchical key agreement protocol over the hierarchical WSNs, which is a revision of Guo et al.’s protocol for the WSNs due to their protocol’s good properties. Our revision inherits advantages from Guo et al.’s protocol and is well suited to the hierarchical WSNs.

13

An Empirical Analysis on Development Effects of Diabetic Prevention Information System

Seong-Ran Lee

Science & Engineering Research Support Center (IJSIA), International Journal of Security and Its Applications Vol.7 No.2 2013.03 pp.171-178

The study deals with an empirical analysis on development effects of diabetic prevention information system. The subjects of this study were 114 patients who had visited a general hospital located in an urban area. The validity of the developed information system was estimated using intervention method that measured action-oriented, relevant, and effect of time elapsed between groups. The present research showed that health practice behavior in diabetic patients can be increased to 61.5-87.2% by information system. This study showed that diabetic prevention information system could help patients with diabetes mellitus in providing effective practice of their health behavior.

14

Cryptography: A New Approach of Classical Hill Cipher

M. Nordin A. Rahman, A. F. A. Abidin, Mohd Kamir Yusof, N. S. M. Usop

Science & Engineering Research Support Center (IJSIA), International Journal of Security and Its Applications Vol.7 No.2 2013.03 pp.179-190

The Hill cipher is the first polygraph cipher which has some advantages in symmetric data encryption. However, it is vulnerable to known plaintext attack. Another setback is that an invertible key matrix is needed for decryption and it is not suitable for encrypting a plaintext consisting of zeroes. The objective of this work is to modify the existing Hill cipher to overcome these three issues. Studies on previous results showed that the existing Hill algorithms are not yet sufficient. Some of these algorithms are still vulnerable to known plaintext attack. On the other hand, some of these algorithms have better randomization properties and as a result they are more resistant against known plaintext attack. Nevertheless, these enhanced Hill cipher algorithms still face the non invertible key matrix problem. Moreover, neither of these algorithms is suitable for all zeroes plaintext block encryption. In this paper, a robust Hill algorithm (Hill++) is proposed. The algorithm is an extension of the Affine Hill cipher. A random matrix key is introduced as an extra key for encryption. Moreover, an involutory matrix key formulation is also implemented in the proposed algorithm. This formulation can produce an involutory key where the same key can be used for both encryption and decryption. Testing on the proposed algorithm is carried out via two approaches, that is through comparative study and statistical analysis. Comparative study shows that Hill++ is resistant to all zeroes plaintext block encryption and does not face the non invertible key matrix problem as what was faced by the original Hill, AdvHill and HillMRIV algorithms. Apart from this, the encryption quality of the proposed algorithm is also measured by using the maximum deviation and correlation coefficient factors. Results from statistical analysis show that Hill++ (when compared to Hill, AdvHill and HillMRIV algorithms) has the greatest maximum deviation value and its correlation coefficient value is the closest to zero. The results from these two measures proved that Hill++ has better encryption quality compared to HillMRIV.

15

Face Recognition via Local Directional Pattern

Dong-Ju Kim, Sang-Heon Lee, Myoung-Kyu Sohn

Science & Engineering Research Support Center (IJSIA), International Journal of Security and Its Applications Vol.7 No.2 2013.03 pp.191-200

In this paper, we propose an illumination-robust face recognition system via local directional pattern images. Usually, local pattern descriptors including local binary pattern and local directional pattern have been used in the field of the face recognition and facial expression recognition, since local pattern descriptors have important properties to be robust against the illumination changes and computational simplicity. Thus, this paper represents the face recognition approach that employs the local directional pattern descriptor and two-dimensional principal analysis algorithms to achieve enhanced recognition accuracy. In particular, we propose a novel methodology that utilizes the transformed image obtained from local directional pattern descriptor as the direct input image of two-dimensional principal analysis algorithms, unlike that most of previous works employed the local pattern descriptors to acquire the histogram features. The performance evaluation of proposed system was performed using well-known approaches such as principal component analysis and Gabor-wavelets based on local binary pattern, and publicly available databases including the Yale B database and the CMU-PIE database were employed. Through experimental results, the proposed system showed the best recognition accuracy compared to different approaches, and we confirmed the effectiveness of the proposed method under varying lighting conditions.
