Best Project Center | Best project center in chennai, best project center in t.nagar, best project center in tnagar, Best final year project center, project center in Chennai, project center near me, best project center in mambalam, best project center in vadapalani, best project center in ashok nagar, best project center in Annanagar, best project center

Search Projects Here

178 Results Found

COVID-19 PANDEMIC- A Systematic Review On The Use Of AI And ML For Fighting The COVID-19 Pandemic

Artificial Intelligence (AI) And Machine Learning (ML) Have Caused A Paradigm Shift In Healthcare That Can Be Used For Decision Support And Forecasting By Exploring Medical Data. Recent Studies Have Shown That AI And ML Can Be Used To Fight COVID-19. The Objective Of This Article Is To Summarize The Recent AI- And ML-based Studies That Have Addressed The Pandemic. From An Initial Set Of 634 Articles, A Total Of 49 Articles Were Finally Selected Through An Inclusion-exclusion Process. In This Article, We Have Explored The Objectives Of The Existing Studies (i.e., The Role Of AI/ML In Fighting The COVID-19 Pandemic); The Context Of The Studies (i.e., Whether It Was Focused On A Specific Country-context Or With A Global Perspective; The Type And Volume Of The Dataset; And The Methodology, Algorithms, And Techniques Adopted In The Prediction Or Diagnosis Processes). We Have Mapped The Algorithms And Techniques With The Data Type By Highlighting Their Prediction/classification Accuracy. From Our Analysis, We Categorized The Objectives Of The Studies Into Four Groups: Disease Detection, Epidemic Forecasting, Sustainable Development, And Disease Diagnosis. We Observed That Most Of These Studies Used Deep Learning Algorithms On Image-data, More Specifically On Chest X-rays And CT Scans. We Have Identified Six Future Research Opportunities That We Have Summarized In This Paper.

FACE EXPRESSION RECOGNITION- Automatic Detection Of Pain From Facial Expressions A Survey

Pain Sensation Is Essential For Survival, Since It Draws Attention To Physical Threat To The Body. Pain Assessment Is Usually Done Through Self-reports. However, Self-assessment Of Pain Is Not Available In The Case Of Noncommunicative Patients, And Therefore, Observer Reports Should Be Relied Upon. Observer Reports Of Pain Could Be Prone To Errors Due To Subjective Biases Of Observers. Moreover, Continuous Monitoring By Humans Is Impractical. Therefore, Automatic Pain Detection Technology Could Be Deployed To Assist Human Caregivers And Complement Their Service, Thereby Improving The Quality Of Pain Management, Especially For Noncommunicative Patients. Facial Expressions Are A Reliable Indicator Of Pain, And Are Used In All Observer-based Pain Assessment Tools. Following The Advancements In Automatic Facial Expression Analysis, Computer Vision Researchers Have Tried To Use This Technology For Developing Approaches For Automatically Detecting Pain From Facial Expressions. This Paper Surveys The Literature Published In This Field Over The Past Decade, Categorizes It, And Identifies Future Research Directions. The Survey Covers The Pain Datasets Used In The Reviewed Literature, The Learning Tasks Targeted By The Approaches, The Features Extracted From Images And Image Sequences To Represent Pain-related Information, And Finally, The Machine Learning Methods Used.

CREDIT CARD FRAUDULET TRANSACTION DETECTION- Supervised Machine Learning Algorithm For Credit Card Fraudulent Transaction Detection

The Goal Of Data Analytics Is To Delineate Hidden Patterns And Use Them To Support Informed Decisions In A Variety Of Situations. Credit Card Fraud Is Escalating Significantly With The Advancement Of The Modernized Technology And Become An Easy Target For Fraudulent. Credit Card Fraud Is A Severe Problem In The Financial Service And Costs Billions Of A Dollar Every Year. The Design Of Fraud Detection Algorithm Is A Challenging Task With The Lack Of Real-world Transaction Dataset Because Of Confidentiality And The Highly Imbalanced Publicly Available Datasets. In This Paper, We Apply Different Supervised Machine Learning Algorithms To Detect Credit Card Fraudulent Transaction Using A Real-world Dataset. Furthermore, We Employ These Algorithms To Implement A Super Classifier Using Ensemble Learning Methods. We Identify The Most Important Variables That May Lead To Higher Accuracy In Credit Card Fraudulent Transaction Detection. Additionally, We Compare And Discuss The Performance Of Various Supervised Machine Learning Algorithms Exist In Literature Against The Super Classifier That We Implemented In This Paper.

EHEALTHCARE RECOMMENDATION SCHEME- PPMR A Privacy-preserving Online Medical Service Recommendation Scheme In EHealthcare System

With The Continuous Development Of EHealthcare Systems, Medical Service Recommendation Has Received Great Attention. However, Although It Can Recommend Doctors To Users, There Are Still Challenges In Ensuring The Accuracy And Privacy Of Recommendation. In This Paper, To Ensure The Accuracy Of The Recommendation, We Consider Doctors' Reputation Scores And Similarities Between Users' Demands And Doctors' Information As The Basis Of The Medical Service Recommendation. The Doctors' Reputation Scores Are Measured By Multiple Feedbacks From Users. We Propose Two Concrete Algorithms To Compute The Similarity And The Reputation Scores In A Privacy-preserving Way Based On The Modified Paillier Cryptosystem, Truth Discovery Technology, And The Dirichlet Distribution. Detailed Security Analysis Is Given To Show Its Security Prosperities. In Addition, Extensive Experiments Demonstrate The Efficiency In Terms Of Computational Time For Truth Discovery And Recommendation Process.

FAULT TOLERANT DATA PROCESSING IN HEALTHCARE- Adaptive And Fault-tolerant Data Processing In Healthcare IoT Based On Fog Computing Networks

In Recent Years, Healthcare IoT Have Been Helpful In Mitigating Pressures Of Hospital And Medical Resources Caused By Aging Population To A Large Extent. As A Safety-critical System, The Rapid Response From The Health Care System Is Extremely Important. To Fulfill The Low Latency Requirement, Fog Computing Is A Competitive Solution By Deploying Healthcare IoT Devices On The Edge Of Clouds. However, These Fog Devices Generate Huge Amount Of Sensor Data. Designing A Specific Framework For Fog Devices To Ensure Reliable Data Transmission And Rapid Data Processing Becomes A Topic Of Utmost Significance. In This Paper, A Reduced Variable Neighborhood Search (RVNS)-based SEnsor Data Processing Framework (REDPF) Is Proposed To Enhance Reliability Of Data Transmission And Processing Speed. Functionalities Of REDPF Include Fault-tolerant Data Transmission, Self-adaptive Filtering And Data-load-reduction Processing. Specifically, A Reliable Transmission Mechanism, Managed By A Self-adaptive Filter, Will Recollect Lost Or Inaccurate Data Automatically. Then, A New Scheme Is Designed To Evaluate The Health Status Of The Elderly People. Through Extensive Simulations, We Show That Our Proposed Scheme Improves Network Reliability, And Provides A Faster Processing Speed.

REMOTE AUTHENTICATION SCHEMES- Remote Authentication Schemes For Wireless Body Area Networks Based On The Internet Of Things

Internet Of Things (IoT) Is A New Technology Which Offers Enormous Applications That Make People’s Lives More Convenient And Enhances Cities’ Development. In Particular, Smart Healthcare Applications In IoT Have Been Receiving Increasing Attention For Industrial And Academic Research. However, Due To The Sensitiveness Of Medical Information, Security And Privacy Issues In IoT Healthcare Systems Are Very Important. Designing An Efficient Secure Scheme With Less Computation Time And Energy Consumption Is A Critical Challenge In IoT Healthcare Systems. In This Paper, A Lightweight Online/offline Certificateless Signature (L-OOCLS) Is Proposed, Then A Heterogeneous Remote Anonymous Authentication Protocol (HRAAP) Is Designed To Enable Remote Wireless Body Area Networks (WBANs) Users To Anonymously Enjoy Healthcare Service Based On The IoT Applications. The Proposed L-OOCLS Scheme Is Proven Secure In Random Oracle Model And The Proposed HRAAP Can Resist Various Types Of Attacks. Compared With The Existing Relevant Schemes, The Proposed HRAAP Achieves Less Computation Overhead As Well As Less Power Consumption On WBANs Client. In Addition, To Nicely Meet The Application In The IoT, An Application Scenario Is Given.

ATTRIBUTE BASED SIGNATURE- Outsourced Decentralized Multi-Authority Attribute Based Signature And Its Application In Iot

IoT (Internet Of Things) Devices Often Collect Data And Store The Data In The Cloud For Sharing And Further Processing; This Collection, Sharing, And Processing Will Inevitably Encounter Secure Access And Authentication Issues. Attribute Based Signature (ABS), Which Utilizes The Signer’s Attributes To Generate Private Keys, Plays A Competent Role In Data Authentication And Identity Privacy Preservation. In ABS, There Are Multiple Authorities That Issue Different Private Keys For Signers Based On Their Various Attributes, And A Central Authority Is Usually Established To Manage All These Attribute Authorities. However, One Security Concern Is That If The Central Authority Is Compromised, The Whole System Will Be Broken. In This Paper, We Present An Outsourced Decentralized Multi-authority Attribute Based Signature (ODMA-ABS) Scheme. The Proposed ODMA-ABS Achieves Attribute Privacy And Stronger Authority-corruption Resistance Than Existing Multi-authority Attribute Based Signature Schemes Can Achieve. In Addition, The Overhead To Generate A Signature Is Further Reduced By Outsourcing Expensive Computation To A Signing Cloud Server. We Present Extensive Security Analysis And Experimental Simulation Of The Proposed Scheme. We Also Propose An Access Control Scheme That Is Based On ODMA-ABS.

TO ENGAGE STUDENT IN SOCIAL MEDIA NETWORK- Creating And Using Digital Games For Learning In Elementary And Secondary Education

The Use Of Digital Games In Education Has Gained Considerable Popularity In The Last Years Due To The Fact That These Games Are Considered To Be Excellent Tools For Teaching And Learning And Offer To Students An Engaging And Interesting Way Of Participating And Learning. In This Study, The Design And Implementation Of Educational Activities That Include Game Creation And Use In Elementary And Secondary Education Is Presented. The Proposed Educational Activities’ Content Covers The Parts Of The Curricula Of All The Informatics Courses, For Each Education Level Separately, That Include The Learning Of Programming Principles. The Educational Activities Were Implemented And Evaluated By Teachers Through A Discussion Session. The Findings Indicate That The Teachers Think That Learning Through Creating And Using Games Is More Interesting And That They Also Like The Idea Of Using Various Programming Environments To Create Games In Order To Teach Basic Programming Principles To Students.

DRIMUX Dynamic Rumor Influence Minimization With User Experience In Social Networks

With The Soaring Development Of Large Scale Online Social Networks, Online Information Sharing Is Becoming Ubiquitous Every Day. Various Information Is Propagating Through Online Social Networks Including Both The Positive And Negative. In This Paper, We Focus On The Negative Information Problems Such As The Online Rumors. With The Soaring Development Of Large Scale Online Social Networks, Online Information Sharing Is Becoming Ubiquitous Everyday. Various Information Is Propagating Through Online Social Networks Including Both The Positive And Negative. In This Paper, We Focus On The Negative Information Problems Such As The Online Rumors. Rumor Blocking Is A Serious Problem In Large-scale Social Networks. Malicious Rumors Could Cause Chaos In Society And Hence Need To Be Blocked As Soon As Possible After Being Detected. In This Paper, We Propose A Model Of Dynamic Rumor Influence Minimization With User Experience (DRIMUX). Our Goal Is To Minimize The Influence Of The Rumor (i.e., The Number Of Users That Have Accepted And Sent The Rumor) By Blocking A Certain Subset Of Nodes. A Dynamic Ising Propagation Model Considering Both The Global Popularity And Individual Attraction Of The Rumor Is Presented Based On A Realistic Scenario. In Addition, Different From Existing Problems Of Influence Minimization, We Take Into Account The Constraint Of User Experience Utility. Specifically, Each Node Is Assigned A Tolerance Time Threshold. If The Blocking Time Of Each User Exceeds That Threshold, The Utility Of The Network Will Decrease. Under This Constraint, We Then Formulate The Problem As A Network Inference Problem With Survival Theory, And Propose Solutions Based On Maximum Likelihood Principle. Experiments Are Implemented Based On Large-scale Real World Networks And Validate The Effectiveness Of Our Method.

USER PROFILE MATCHING- Privacy-Preserving User Profile Matching In Social Networks

In This Paper, We Consider A Scenario Where A User Queries A User Profile Database, Maintained By A Social Networking Service Provider, To Identify Users Whose Profiles Match The Profile Specified By The Querying User. A Typical Example Of This Application Is Online Dating. Most Recently, An Online Dating Website, Ashley Madison, Was Hacked, Which Resulted In A Disclosure Of A Large Number Of Dating User Profiles. This Data Breach Has Urged Researchers To Explore Practical Privacy Protection For User Profiles In A Social Network. In This Paper, We Propose A Privacy-preserving Solution For Profile Matching In Social Networks By Using Multiple Servers. Our Solution Is Built On Homomorphic Encryption And Allows A User To Find Out Matching Users With The Help Of Multiple Servers Without Revealing To Anyone The Query And The Queried User Profiles In Clear. Our Solution Achieves User Profile Privacy And User Query Privacy As Long As At Least One Of The Multiple Servers Is Honest. Our Experiments Demonstrate That Our Solution Is Practical.

PHARMACOVIGILANCE FROM SOCIAL MEDIA- Pharmacovigilance From Social Media An Improved Random Subspace Method For Identifying Adverse Drug Events

Social Media-based Pharmacovigilance Has Great Potential To Augment Current Efforts And Provide Regulatory Authorities With Valuable Decision Aids. Among Various Pharmacovigilance Activities, Identifying Adverse Drug Events (ADEs) Is Very Important For Patient Safety. However, In Health-related Discussion Forums, ADEs May Confound With Drug Indications And Beneficial Effects, Etc. Therefore, The Focus Of This Study Is To Develop A Strategy To Identify ADEs From Other Semantic Types, And Meanwhile To Determine The Drug That An ADE Is Associated With. And Then Get The Id Of An User Who Share The ADE On The Medical Social Media. The User Id Detect By Using Naïve Bayes Algorithm.

OWNERSHIP IDENTIFICATION AND SIGNALING OF MULTIMEDIA- Security Of Multimedia Content For Ownership Identification Using Signaling Technique

The Information Shared Over Network Like Audio And Video Files Will Be Having Major Challenge Due To Security Credentials. In Large Scale Systems Like Cloud Infrastructure Used To Improve The Better Security From Past One Decade. The Contents Are Like Pictures, Audio And Video Clips Are Shared Over The Online Training Sessions In Recent Days. Therefore The Video Files Are Used To Protect Using Digital Signature And Digital Watermarking. The Content Of The Multimedia Files Are Require The Better Environment For Sharing Of Knowledge Using Private And Public Clouds. The Digital Signature Method Is Used For Multimedia Components Such As 2D And 3D Video Clips And Shared Among The Users On Cloud Infrastructure Will Be Predicted With Various Cloud Based Security Techniques.

PRIVACY-PRESERVING MULTI-KEYWORD RANKED SEARCH- Enhanced Semantic-Aware Multi-Keyword Ranked Search Scheme Over Encrypted

Traditional Searchable Encryption Schemes Based On The Term Frequency-Inverse Document Frequency (TF-IDF) Model Adopt The Presence Of Keywords To Measure The Relevance Of Documents To Queries, Which Ignores The Latent Semantic Meanings That Are Concealed In The Context. Latent Dirichlet Allocation (LDA) Topic Model Can Be Utilized For Modeling The Semantics Among Texts To Achieve Semantic-aware Multi-keyword Search. However, The LDA Topic Model Treats Queries And Documents From The Perspective Of Topics, And The Keywords Information Is Ignored. In This Paper, We Propose A Privacy-preserving Searchable Encryption Scheme Based On The LDA Topic Model And The Query Likelihood Model. We Extract The Feature Keywords From The Document Using The LDA-based Information Gain (IG) And Topic Frequency-Inverse Topic Frequency (TF-ITF) Model. With Feature Keyword Extraction And The Query Likelihood Model, Our Scheme Can Achieve A More Accurate Semantic-aware Keyword Search. A Special Index Tree Is Used To Enhance Search Efficiency. The Secure Inner Product Operation Is Utilized To Implement The Privacy-preserving Ranked Search. The Experiments On Real-world Datasets Demonstrate The Effectiveness Of Our Scheme.

SECURE SHARING OF PESONAL HEALTH RECORDS IN TH CLOUD- Secure Outsourced Attribute-based Sharing Framework For Lightweight Devices In Smart Health Systems

Personal Health Record (PHR) Service Is An Emerging Model For Health Information Exchange. It Allows Patients To Create, Update And Manage Personal And Medical Information. Also They Can Control And Share Their Medical Information With Other Users As Well As Health Care Providers. PHR Data Is Hosted To The Third Party Cloud Service Providers In Order To Enhance Its Interoperability. However, There Have Been Serious Security And Privacy Issues In Outsourcing These Data To Cloud Server. For Security, Encrypt The PHRs Before Outsourcing. So Many Issues Such As Risks Of Privacy Exposure, Scalability In Key Management, Flexible Access And Efficient User Revocation, Have Remained The Most Important Challenges Toward Achieving Fine-grained, Cryptographically Enforced Data Access Control. To Achieve Fine-grained And Scalable Data Access Control For Client’s Data, A Novel Patient-centric Framework Is Used. This Frame Work Is Mainly Focus On The Multiple Data Owner Scenario. A High Degree Of Patient Privacy Is Guaranteed Simultaneously By Exploiting Multi Authority ABE. This Scheme Also Enables Dynamic Modification Of Access Policies Or File Attributes, Support Efficient On Demand User/attribute Revocation. However Some Practical Limitations Are In Building PHR System. If Consider The Workflow Based Access Control Scenarios, The Data Access Right Could Be Given Based On Users Identities Rather Than Their Attributes, While ABE Does Not Handle That Efficiently. For Solving These Problem In This Thesis Proposed PHR System, Based On Attribute Based Broadcast Encryption (ABBE).

ATTRIBUTE-BASED ACCESS CONTROL WITH CONSTANT-SIZE CIPHERTEXT- Efficient Multi-Authority Attribute-Based Signcryption With Constant-Size Cipher Text

Recently, Efficient Fine-grained Access Mechanism Has Been Studied As A Main Concern In Cloud Storage Area For Several Years. Attribute-based Signcryption (ABSC) Which Is Logical Combination Of Attribute-based Encryption(ABE) And Attribute-based Signature(ABS), Can Provide Confidentiality, Authenticity For Sensitive Data And Anonymous Authentication. At The Same Time It Is More Efficient Than Previous “encrypt-then-sign” And “sign-then-encrypt” Patterns. However, Most Of The Existing ABSC Schemes Fail To Serve For Real Scenario Of Multiple Authorities And Have Heavy Communication Overhead And Computing Overhead. Hence, We Construct A Novel ABSC Scheme Realizing Multi-authority Access Control And Constant-size Ciphertext That Does Not Depend On The Number Of Attributes Or Authorities. Furthermore, Our Scheme Provides Public Verifiability Of The Ciphertext And Privacy Protection For The Signcryptor. Specially, It Is Proven To Be Secure In The Standard Model, Including Ciphertext Indistinguishability Under Adaptive Chosen Ciphertext Attacks And Existential Unforgeability Under Adaptive Chosen Message Attack.

ENCRYTION CLOUD BASED REVOCATION - Efficient Revocable Multi-Authority Attribute-Based Encryption For Cloud Storage

As Is Known, Attribute-based Encryption (ABE) Is Usually Adopted For Cloud Storage, Both For Its Achievement Of Fine-grained Access Control Over Data, And For Its Guarantee Of Data Confidentiality. Nevertheless, Single-authority Attribute-based Encryption (SA-ABE) Has Its Obvious Drawback In That Only One Attribute Authority Can Assign The Users' Attributes, Enabling The Data To Be Shared Only Within The Management Domain Of The Attribute Authority, While Rendering Multiple Attribute Authorities Unable To Share The Data. On The Other Hand, Multi-authority Attribute-based Encryption (MA-ABE) Has Its Advantages Over SA-ABE. It Can Not Only Satisfy The Need For The Fine-grained Access Control And Confidentiality Of Data, But Also Make The Data Shared Among Different Multiple Attribute Authorities. However, Existing MA-ABE Schemes Are Unsuitable For The Devices With Resources-constraint, Because These Schemes Are All Based On Expensive Bilinear Pairing. Moreover, The Major Challenge Of MA-ABE Scheme Is Attribute Revocation. So Far, Many Solutions In This Respect Are Not Efficient Enough. In This Paper, On The Basis Of The Elliptic Curves Cryptography, We Propose An Efficient Revocable Multi-authority Attribute-based Encryption (RMA-ABE) Scheme For Cloud Storage. The Security Analysis Indicates That The Proposed Scheme Satisfies Indistinguishable Under Adaptive Chosen Plaintext Attack Assuming Hardness Of The Decisional Diffie-Hellman Problem. Compared With The Other Schemes, The Proposed Scheme Gets Its Advantages In That It Is More Economical In Computation And Storage.

DIPLOCLOUD- DistSim - Scalable Distributed In-Memory Semantic Similarity Estimation For RDF Knowledge Graphs

In This Paper, We Present DistSim, A Scalable Distributed In-Memory Semantic Similarity Estimation Framework For Knowledge Graphs. DistSim Provides A Multitude Of State-ofthe-art Similarity Estimators. We Have Developed The Similarity Estimation Pipeline By Combining Generic Software Modules. For Large Scale RDF Data, DistSim Proposes MinHash With Locality Sensitivity Hashing To Achieve Better Scalability Over All-pair Similarity Estimations. The Modules Of DistSim Can Be Set Up Using A Multitude Of (hyper)-parameters Allowing To Adjust The Tradeoff Between Information Taken Into Account, And Processing Time. Furthermore, The Output Of The Similarity Estimation Pipeline Is Native RDF. DistSim Is Integrated Into The SANSA Stack, Documented In Scala-docs, And Covered By Unit Tests. Additionally, The Variables And Provided Methods Follow The Apache Spark MLlib Name-space Conventions. The Performance Of DistSim Was Tested Over A Distributed Cluster, For The Dimensions Of Data Set Size And Processing Power Versus Processing Time, Which Shows The Scalability Of DistSim W.r.t. Increasing Data Set Sizes And Processing Power. DistSim Is Already In Use For Solving Several RDF Data Analytics Related Use Cases. Additionally, DistSim Is Available And Integrated Into The Open-source GitHub Project SANSA

SECURE ANTI-COLLUSION DATA SHARING SCHEME - Attribute-Based Keyword Search Encryption Scheme With Verifiable Ciphertext Via Blockchain

In Order To Realize The Sharing Of Data By Multiple Users On The Blockchain, This Paper Proposes An Attribute-based Searchable Encryption With Verifiable Ciphertext Scheme Via Blockchain. The Scheme Uses The Public Key Algorithm To Encrypt The Keyword, The Attribute-based Encryption Algorithm To Encrypt The Symmetric Key, And The Symmetric Key To Encrypt The File. The Keyword Index Is Stored On The Blockchain, And The Ciphertext Of The Symmetric Key And File Are Stored On The Cloud Server. The Scheme Uses Searchable Encryption Technology To Achieve Secure Search On The Blockchain, Uses The Immutability Of The Blockchain To Ensure The Security Of The Keyword Ciphertext, Uses Verify Algorithm Guarantees The Integrity Of The Data On The Cloud. When The User's Attributes Need To Be Changed Or The Ciphertext Access Structure Is Changed, The Scheme Uses Proxy Re-encryption Technology To Implement The User's Attribute Revocation, And The Authority Center Is Responsible For The Whole Attribute Revocation Process. The Security Proof Shows That The Scheme Can Achieve Ciphertext Security, Keyword Security And Anti-collusion. In Addition, The Numerical Results Show That The Proposed Scheme Is Effective.

SHARED DYNAMIC CLOUD DATA WITH GROUP USER REVOCATION- Secure Efficient Revocable Large Universe Multi-Authority Attribute-Based Encryption For Cloud-Aided IoT

With The Help Of Cloud Computing, The Ubiquitous And Diversified Internet Of Things (IoT) Has Greatly Improved Human Society. Revocable Multi-authority Attribute-based Encryption (MA-ABE) Is Considered A Promising Technique To Solve The Security Challenges On Data Access Control In The Dynamic IoT Since It Can Achieve Dynamic Access Control Over The Encrypted Data. However, On The One Hand, The Existing Revocable Large Universe MA-ABE Suffers The Collusion Attack Launched By Revoked Users And Non-revoked Users. On The Other Hand, The User Collusion Avoidance Revocable MA-ABE Schemes Do Not Support Large Attributes (or Users) Universe, I.e. The Flexible Number Of Attributes (or Users). In This Article, The Author Proposes An Efficient Revocable Large Universe MA-ABE Based On Prime Order Bilinear Groups. The Proposed Scheme Supports User-attribute Revocation, I.e., The Revoked User Only Loses One Or More Attributes, And She/he Can Access The Data So Long As Her/his Remaining Attributes Satisfy The Access Policy. It Is Static Security In The Random Oracle Model Under The Q-DPBDHE2 Assumption. Moreover, It Is Secure Against The Collusion Attack Launched By Revoked Users And Non-revoked Users. Meanwhile, It Meets The Requirements Of Forward And Backward Security. The Limited-resource Users Can Choose Outsourcing Decryption To Save Resources. The Performance Analysis Results Indicate That It Is Suitable For Large-scale Cross-domain Collaboration In The Dynamic Cloud-aided IoT.

PROFIT MAXIMIZATION SCHEME- Personality- And Value-aware Scheduling Of User Requests In Cloud For Profit Maximization

The Main Goal Of A Cloud Provider Is To Make Profits By Providing Services To Users. Existing Profit Optimization Strategies Employ Homogeneous User Models In Which User Personality Is Ignored, Resulting In Fewer Profits And Particularly Notably Lower User Satisfaction That In Turn, Leads To Fewer Users And Reduced Profits. In This Paper, We Propose Efficient Personality-aware Request Scheduling Schemes To Maximize The Profit Of The Cloud Provider Under The Constraint Of User Satisfaction. Specifically, We First Model The Service Requests At The Granularity Of Individual Personality And Propose A Personalized User Satisfaction Prediction Model Based On Questionnaires. Subsequently, We Design A Personality-guided Integer Linear Programming (ILP)-based Request Scheduling Algorithm To Maximize The Profit Under The Constraint Of User Satisfaction, Which Is Followed By An Approximate But Lightweight Value Assessment And Cross Entropy (VACE)-based Profit Improvement Scheme. The VACE-based Scheme Is Especially Tailored For Applications With High Scheduling Resolution. Extensive Simulation Results Show That Our Satisfaction Prediction Model Can Achieve The Accuracy Of Up To 83%, And Our Profit Optimization Schemes Can Improve The Profit By At Least 3.96% As Compared To The Benchmarking Methods While Still Obtaining A Speedup Of At Least 1.68x

MULTIMEDIA CONTENT PRTECTION SYSTEM- Cloud-Based Multimedia Content Protection System

We Propose A New Design For Large-scale Multimedia Content Protection Systems. Our Design Leverages Cloud Infrastructures To Provide Cost Efficiency, Rapid Deployment, Scalability, And Elasticity To Accommodate Varying Workloads. The Proposed System Can Be Used To Protect Different Multimedia Content Types, Including Videos, Images, Audio Clips, Songs, And Music Clips. The System Can Be Deployed On Private And/or Public Clouds. Our System Has Two Novel Components: (i) Method To Create Signatures Of Videos, And (ii) Distributed Matching Engine For Multimedia Objects. The Signature Method Creates Robust And Representative Signatures Of Videos That Capture The Depth Signals In These Videos And It Is Computationally Efficient To Compute And Compare As Well As It Requires Small Storage. The Distributed Matching Engine Achieves High Scalability And It Is Designed To Support Different Multimedia Objects. We Implemented The Proposed System And Deployed It On Two Clouds: Amazon Cloud And Our Private Cloud. Our Experiments With More Than 11,000 Videos And 1 Million Images Show The High Accuracy And Scalability Of The Proposed System. In Addition, We Compared Our System To The Protection System Used By YouTube And Our Results Show That The YouTube Protection System Fails To Detect Most Copies Of Videos, While Our System Detects More Than 98% Of Them.

PUBLISHING OF SET-VALUED DATA ON HYBRID CLOUD- A Privacy Preserving Method For Publishing Set Valued Data And Its Correlative Social Network

Set-valued Data And Social Network Provide Opportunities To Mine Useful, Yet Potentially Security-sensitive, Information. While There Are Mechanisms To Anonymize Data And Protect The Privacy Separately In Set-valued Data And In Social Network, The Existing Approaches In Data Privacy Do Not Address The Privacy Issue Which Emerge When Publishing Set-valued Data And Its Correlative Social Network Simultaneously. In This Paper, We Propose A Privacy Attack Model Based On Linking The Set-valued Data And The Social Network Topology Information And A Novel Technique To Defend Against Such Attack To Protect The Individual Privacy. To Improve Data Utility And The Practicality Of Our Scheme, We Use Local Generalization And Partial Suppression To Make Set-valued Data Satisfy The Grouped ρ-uncertainty Model And To Reduce The Impact On The Community Structure Of The Social Network When Anonymizing The Social Network. Experiments On Real-life Data Sets Show That Our Method Outperforms The Existing Mechanisms In Data Privacy And, More Specifically, That It Provides Greater Data Utility While Having Less Impact On The Community Structure Of Social Networks.

DECENTRALIZED CLOUD FIREWALL FRAMEWORK Hierarchical Multi-Agent Optimization For Resource Allocation In Cloud Computing

In Cloud Computing, An Important Concern Is To Allocate The Available Resources Of Service Nodes To The Requested Tasks On Demand And To Make The Objective Function Optimum, I.e., Maximizing Resource Utilization, Payoffs, And Available Bandwidth. This Article Proposes A Hierarchical Multi-agent Optimization (HMAO) Algorithm In Order To Maximize The Resource Utilization And Make The Bandwidth Cost Minimum For Cloud Computing. The Proposed HMAO Algorithm Is A Combination Of The Genetic Algorithm (GA) And The Multi-agent Optimization (MAO) Algorithm. With Maximizing The Resource Utilization, An Improved GA Is Implemented To Find A Set Of Service Nodes That Are Used To Deploy The Requested Tasks. A Decentralized-based MAO Algorithm Is Presented To Minimize The Bandwidth Cost. We Study The Effect Of Key Parameters Of The HMAO Algorithm By The Taguchi Method And Evaluate The Performance Results. The Results Demonstrate That The HMAO Algorithm Is More Effective Than Two Baseline Algorithms Of Genetic Algorithm (GA) And Fast Elitist Non-dominated Sorting Genetic Algorithm (NSGA-II) In Solving The Large-scale Optimization Problem Of Resource Allocation. Furthermore, We Provide The Performance Comparison Of The HMAO Algorithm With Two Heuristic Greedy And Viterbi Algorithms In On-line Resource Allocation.

CRYPTOGRAPIC ALGORITHM- Comparative Study Of Cryptographic Algorithm

We Know That With The Emergence Of Internet People All Around The World Are Using Its Services &are Heavily Dependent On It. People Are Also Storing Their Huge Amount Of Data Over The Cloud .It Is The Challenge For Researchers To Secure The Private And Critical Data Of The Users, So That Unauthorized Person Should Not Be Able To Access It And Manipulate It .Cryptography Is A Process Of Converting The User Useful Information To A Form Which Is Insignificant To An Unauthorized Person So That Only Authorized Persons Can Access And Understands It .For Ensuring Privacy There Are Multiple Cryptographic Algorithms, Which Is Selected As Per Requirement Of User Or Security Specification Of The Organization. This Paper Discusses The Comparison Of Various Cryptographic Encryption Algorithms With Respect To Its Various Key Features & Then Later Discusses Their Performance Cost Based On The Some Selected Key Criteria’s. Some Of The Algorithms Chosen For The Purpose Are DES, 3DES, IDEA, CAST128, AES, Blowfish, RSA, ABE &ECC.

DATA INTEGRITY AUDITING WITHOUT PRIVATE KEY - Data Integrity Auditing Without Private Key Storage For Secure Cloud Storage

Using Cloud Storage Services, Users Can Store Their Data In The Cloud To Avoid The Expenditure Of Local Data Storage And Maintenance. To Ensure The Integrity Of The Data Stored In The Cloud, Many Data Integrity Auditing Schemes Have Been Proposed. In Most, If Not All, Of The Existing Schemes, A User Needs To Employ His Private Key To Generate The Data Authenticators For Realizing The Data Integrity Auditing. Thus, The User Has To Possess A Hardware Token (e.g., USB Token, Smart Card) To Store His Private Key And Memorize A Password To Activate This Private Key. If This Hardware Token Is Lost Or This Password Is Forgotten, Most Of The Current Data Integrity Auditing Schemes Would Be Unable To Work. In Order To Overcome This Problem, We Propose A New Paradigm Called Data Integrity Auditing Without Private Key Storage And Design Such A Scheme. In This Scheme, We Use Biometric Data (e.g., Iris Scan, Fingerprint) As The User’s Fuzzy Private Key To Avoid Using The Hardware Token. Meanwhile, The Scheme Can Still Effectively Complete The Data Integrity Auditing. We Utilize A Linear Sketch With Coding And Error Correction Processes To Confirm The Identity Of The User. In Addition, We Design A New Signature Scheme Which Not Only Supports Blockless Verifiability, But Also Is Compatible With The Linear Sketch. The Security Proof And The Performance Analysis Show That Our Proposed Scheme Achieves Desirable Security And Efficiency.

PUBLIC-KEY ENCRYPTION WITH KEYWORD SEARCH- Dual-Server Public-Key Encryption With Keyword Search For Secure Cloud Storage

Searchable Encryption Is Of Increasing Interest For Protecting The Data Privacy In Secure Searchable Cloud Storage. In This Paper, We Investigate The Security Of A Well-known Cryptographic Primitive, Namely, Public Key Encryption With Keyword Search (PEKS) Which Is Very Useful In Many Applications Of Cloud Storage. Unfortunately, It Has Been Shown That The Traditional PEKS Framework Suffers From An Inherent Insecurity Called Inside Keyword Guessing Attack (KGA) Launched By The Malicious Server. To Address This Security Vulnerability, We Propose A New PEKS Framework Named Dual-server PEKS (DS-PEKS). As Another Main Contribution, We Define A New Variant Of The Smooth Projective Hash Functions (SPHFs) Referred To As Linear And Homomorphic SPHF (LH-SPHF). We Then Show A Generic Construction Of Secure DS-PEKS From LH-SPHF. To Illustrate The Feasibility Of Our New Framework, We Provide An Efficient Instantiation Of The General Framework From A Decision Diffie-Hellman-based LH-SPHF And Show That It Can Achieve The Strong Security Against Inside The KGA.

DEDUPLICATING DATA- Secure Auditing And Deduplicating Data In Cloud

As The Cloud Computing Technology Develops During The Last Decade, Outsourcing Data To Cloud Service For Storage Becomes An Attractive Trend, Which Benefits In Sparing Efforts On Heavy Data Maintenance And Management. Nevertheless, Since The Outsourced Cloud Storage Is Not Fully Trustworthy, It Raises Security Concerns On How To Realize Data Deduplication In Cloud While Achieving Integrity Auditing. In This Work, We Study The Problem Of Integrity Auditing And Secure Deduplication On Cloud Data. Specifically, Aiming At Achieving Both Data Integrity And Deduplication In Cloud, We Propose Two Secure Systems, Namely SecCloud And SecCloud $^+$ . SecCloud Introduces An Auditing Entity With A Maintenance Of A MapReduce Cloud, Which Helps Clients Generate Data Tags Before Uploading As Well As Audit The Integrity Of Data Having Been Stored In Cloud. Compared With Previous Work, The Computation By User In SecCloud Is Greatly Reduced During The File Uploading And Auditing Phases. SecCloud $^+$ Is Designed Motivated By The Fact That Customers Always Want To Encrypt Their Data Before Uploading, And Enables Integrity Auditing And Secure Deduplication On Encrypted Data.

AUDITING FOR OUTSOURCED DATABASE- Verifiable Auditing For Outsourced Database In Cloud Computing

The Notion Of Database Outsourcing Enables The Data Owner To Delegate The Database Management To A Cloud Service Provider (CSP) That Provides Various Database Services To Different Users. Recently, Plenty Of Research Work Has Been Done On The Primitive Of Outsourced Database. However, It Seems That No Existing Solutions Can Perfectly Support The Properties Of Both Correctness And Completeness For The Query Results, Especially In The Case When The Dishonest CSP Intentionally Returns An Empty Set For The Query Request Of The User. In This Paper, We Propose A New Verifiable Auditing Scheme For Outsourced Database, Which Can Simultaneously Achieve The Correctness And Completeness Of Search Results Even If The Dishonest CSP Purposely Returns An Empty Set. Furthermore, We Can Prove That Our Construction Can Achieve The Desired Security Properties Even In The Encrypted Outsourced Database. Besides, The Proposed Scheme Can Be Extended To Support The Dynamic Database Setting By Incorporating The Notion Of Verifiable Database With Updates.

ATTRIBUTE-BASED ENCRYPTION- Audit-Free Cloud Storage Via Deniable Attribute-based Encryption

Cloud Storage Services Have Become Increasingly Popular. Because Of The Importance Of Privacy, Many Cloud Storage Encryption Schemes Have Been Proposed To Protect Data From Those Who Do Not Have Access. All Such Schemes Assumed That Cloud Storage Providers Are Safe And Cannot Be Hacked; However, In Practice, Some Authorities (i.e., Coercers) May Force Cloud Storage Providers To Reveal User Secrets Or Confidential Data On The Cloud, Thus Altogether Circumventing Storage Encryption Schemes. In This Paper, We Present Our Design For A New Cloud Storage Encryption Scheme That Enables Cloud Storage Providers To Create Convincing Fake User Secrets To Protect User Privacy. Since Coercers Cannot Tell If Obtained Secrets Are True Or Not, The Cloud Storage Providers Ensure That User Privacy Is Still Securely Protected.

PROOF OF RETRIEVABILITY IN CLOUD COMPUTING- Enabling Proof Of Retrievability In Cloud Computing With Resource-Constrained Devices

Cloud Computing Moves The Application Software And Databases To The Centralized Large Data Centers, Where The Management Of The Data And Services May Not Be Fully Trustworthy. In This Work, We Study The Problem Of Ensuring The Integrity Of Data Storage In Cloud Computing. To Reduce The Computational Cost At User Side During The Integrity Verification Of Their Data, The Notion Of Public Verifiability Has Been Proposed. However, The Challenge Is That The Computational Burden Is Too Huge For The Users With Resource-constrained Devices To Compute The Public Authentication Tags Of File Blocks. To Tackle The Challenge, We Propose OPoR, A New Cloud Storage Scheme Involving A Cloud Storage Server And A Cloud Audit Server, Where The Latter Is Assumed To Be Semi-honest. In Particular, We Consider The Task Of Allowing The Cloud Audit Server, On Behalf Of The Cloud Users, To Pre-process The Data Before Uploading To The Cloud Storage Server And Later Verifying The Data Integrity. OPoR Outsources And Offloads The Heavy Computation Of The Tag Generation To The Cloud Audit Server And Eliminates The Involvement Of User In The Auditing And In The Pre-processing Phases. Furthermore, We Strengthen The Proof Of Retrievability (PoR) Model To Support Dynamic Data Operations, As Well As Ensure Security Against Reset Attacks Launched By The Cloud Storage Server In The Upload Phase.

DYNAMIC DATA POSSESSION IN CLOUD COMPUTING- Provable Multicopy Dynamic Data Possession In Cloud Computing Systems

Increasingly More And More Organizations Are Opting For Outsourcing Data To Remote Cloud Service Providers (CSPs). Customers Can Rent The CSPs Storage Infrastructure To Store And Retrieve Almost Unlimited Amount Of Data By Paying Fees Metered In Gigabyte/month. For An Increased Level Of Scalability, Availability, And Durability, Some Customers May Want Their Data To Be Replicated On Multiple Servers Across Multiple Data Centers. The More Copies The CSP Is Asked To Store, The More Fees The Customers Are Charged. Therefore, Customers Need To Have A Strong Guarantee That The CSP Is Storing All Data Copies That Are Agreed Upon In The Service Contract, And All These Copies Are Consistent With The Most Recent Modifications Issued By The Customers. In This Paper, We Propose A Map-based Provable Multicopy Dynamic Data Possession (MB-PMDDP) Scheme That Has The Following Features: 1) It Provides An Evidence To The Customers That The CSP Is Not Cheating By Storing Fewer Copies; 2) It Supports Outsourcing Of Dynamic Data, I.e., It Supports Block-level Operations, Such As Block Modification, Insertion, Deletion, And Append; And 3) It Allows Authorized Users To Seamlessly Access The File Copies Stored By The CSP. We Give A Comparative Analysis Of The Proposed MB-PMDDP Scheme With A Reference Model Obtained By Extending Existing Provable Possession Of Dynamic Single-copy Schemes. The Theoretical Analysis Is Validated Through Experimental Results On A Commercial Cloud Platform. In Addition, We Show The Security Against Colluding Servers, And Discuss How To Identify Corrupted Copies By Slightly Modifying The Proposed Scheme.

SECURITY ANALYSIS ON CLOUD- Security Analysis On One-to-Many Order Preserving Encryption Based Cloud Data Search

For Ranked Search In Encrypted Cloud Data, Order Preserving Encryption (OPE) Is An Efficient Tool To Encrypt Relevance Scores Of The Inverted Index. When Using Deterministic OPE, The Ciphertexts Will Reveal The Distribution Of Relevance Scores. Therefore, Wang Et Al. Proposed A Probabilistic OPE, Called One-to-many OPE, For Applications Of Searchable Encryption, Which Can Flatten The Distribution Of The Plaintexts. In This Paper, We Proposed A Differential Attack On One-to-many OPE By Exploiting The Differences Of The Ordered Ciphertexts. The Experimental Results Show That The Cloud Server Can Get A Good Estimate Of The Distribution Of Relevance Scores By A Differential Attack. Furthermore, When Having Some Background Information On The Outsourced Documents, The Cloud Server Can Accurately Infer The Encrypted Keywords Using The Estimated Distributions.

RE-ENCRYPTION- Reliable Re-Encryption In Unreliable Clouds

A Key Approach To Secure Cloud Computing Is For The Data Owner To Store Encrypted Data In The Cloud, And Issue Decryption Keys To Authorized Users. Then, When A User Is Revoked, The Data Owner Will Issue Re-encryption Commands To The Cloud To Re-encrypt The Data, To Prevent The Revoked User From Decrypting The Data, And To Generate New Decryption Keys To Valid Users, So That They Can Continue To Access The Data. However, Since A Cloud Computing Environment Is Comprised Of Many Cloud Servers, Such Commands May Not Be Received And Executed By All Of The Cloud Servers Due To Unreliable Network Communications. In This Paper, We Solve This Problem By Proposing A Time-based Re-encryption Scheme, Which Enables The Cloud Servers To Automatically Re-encrypt Data Based On Their Internal Clocks. Our Solution Is Built On Top Of A New Encryption Scheme, Attribute-based Encryption, To Allow Fine-grain Access Control, And Does Not Require Perfect Clock Synchronization For Correctness.

PERSONAL HEALTH DATA- Lifelong Personal Health Data And Application Software Via Virtual Machines The Cloud

Personal Health Records (PHRs) Should Remain The Lifelong Property Of Patients, Who Should Be Able To Show Them Conveniently And Securely To Selected Caregivers And Institutions. In This Paper, We Present MyPHRMachines, A Cloud-based PHR System Taking A Radically New Architectural Solution To Health Record Portability. In MyPHRMachines, Health-related Data And The Application Software To View And/or Analyze It Are Separately Deployed In The PHR System. After Uploading Their Medical Data To MyPHRMachines, Patients Can Access Them Again From Remote Virtual Machines That Contain The Right Software To Visualize And Analyze Them Without Any Need For Conversion. Patients Can Share Their Remote Virtual Machine Session With Selected Caregivers, Who Will Need Only A Web Browser To Access The Pre-loaded Fragments Of Their Lifelong PHR. We Discuss A Prototype Of MyPHRMachines Applied To Two Use Cases, I.e., Radiology Image Sharing And Personalized Medicine.

DIFFERENTIAL QUERY SERVICES- Towards Differential Query Services In Cost-Efficient Clouds

Cloud Computing As An Emerging Technology Trend Is Expected To Reshape The Advances In Information Technology An Efficient Information Retrieval For Ranked Queries (EIRQ) Scheme Is Recovery Of Ranked Files On User Demand. An EIRQ Worked Based On The Aggregation And Distribution Layer (ADL). An ADL Is Act As Mediator Between Cloud And End-users. An EIRQ Scheme Reduces The Communication Cost And Communication Overhead. Mask Matrix Is Used To Filter Out As What User Really Wants Matched Data Before Recurring To The Aggregation And Distribution Layer (ADL). A User Can Retrieve Files On Demand By Choosing Queries Of Different Ranks. This Feature Is Useful When There Are A Large Number Of Matched Files, But The User Only Needs A Small Subset Of Them. Under Different Parameter Settings, Extensive Evaluations Have Been Conducted On Both Analytical Models And On A Real Cloud Environment, In Order To Examine The Effectiveness Of Our Schemes To Avoid Small Scale Of Interruptions In Cloud Computing, Follow Two Essential Issues:-Privacy And Efficiency. Private Keyword Based File Retrieval Scheme Was Anticipated By Ostrovsky.

DATA SHARING IN PUBLIC CLOUDS- An Efficient Certificateless Encryption For Secure Data Sharing In Public Clouds

We Propose A Mediated Certificateless Encryption Scheme Without Pairing Operations For Securely Sharing Sensitive Information In Public Clouds. Mediated Certificateless Public Key Encryption (mCL-PKE) Solves The Key Escrow Problem In Identity Based Encryption And Certificate Revocation Problem In Public Key Cryptography. However, Existing MCL-PKE Schemes Are Either Inefficient Because Of The Use Of Expensive Pairing Operations Or Vulnerable Against Partial Decryption Attacks. In Order To Address The Performance And Security Issues, In This Paper, We First Propose A MCL-PKE Scheme Without Using Pairing Operations. We Apply Our MCL-PKE Scheme To Construct A Practical Solution To The Problem Of Sharing Sensitive Information In Public Clouds. The Cloud Is Employed As A Secure Storage As Well As A Key Generation Center. In Our System, The Data Owner Encrypts The Sensitive Data Using The Cloud Generated Users' Public Keys Based On Its Access Control Policies And Uploads The Encrypted Data To The Cloud. Upon Successful Authorization, The Cloud Partially Decrypts The Encrypted Data For The Users. The Users Subsequently Fully Decrypt The Partially Decrypted Data Using Their Private Keys. The Confidentiality Of The Content And The Keys Is Preserved With Respect To The Cloud, Because The Cloud Cannot Fully Decrypt The Information. We Also Propose An Extension To The Above Approach To Improve The Efficiency Of Encryption At The Data Owner. We Implement Our MCL-PKE Scheme And The Overall Cloud Based System, And Evaluate Its Security And Performance. Our Results Show That Our Schemes Are Efficient And Practical.

TRUST MANAGEMENT FOR CLOUD SERVICES Cloud Armor Supporting Reputation-based Trust Management For Cloud Services

Trust Management Is One Of The Most Challenging Issues For The Adoption And Growth Of Cloud Computing. The Highly Dynamic, Distributed, And Non-transparent Nature Of Cloud Services Introduces Several Challenging Issues Such As Privacy, Security, And Availability. Preserving Consumers' Privacy Is Not An Easy Task Due To The Sensitive Information Involved In The Interactions Between Consumers And The Trust Management Service. Protecting Cloud Services Against Their Malicious Users (e.g., Such Users Might Give Misleading Feedback To Disadvantage A Particular Cloud Service) Is A Difficult Problem. Guaranteeing The Availability Of The Trust Management Service Is Another Significant Challenge Because Of The Dynamic Nature Of Cloud Environments. In This Article, We Describe The Design And Implementation Of CloudArmor, A Reputation-based Trust Management Framework That Provides A Set Of Functionalities To Deliver Trust As A Service (TaaS), Which Includes I) A Novel Protocol To Prove The Credibility Of Trust Feedbacks And Preserve Users' Privacy, Ii) An Adaptive And Robust Credibility Model For Measuring The Credibility Of Trust Feedbacks To Protect Cloud Services From Malicious Users And To Compare The Trustworthiness Of Cloud Services, And Iii) An Availability Model To Manage The Availability Of The Decentralized Implementation Of The Trust Management Service. The Feasibility And Benefits Of Our Approach Have Been Validated By A Prototype And Experimental Studies Using A Collection Of Real-world Trust Feedbacks On Cloud Services.

OPTIMAL PERFORMANCE AND SECURITY- DROPS Division And Replication Of Data In Cloud For Optimal Performance And Security

Outsourcing Data To A Third-party Administrative Control, As Is Done In Cloud Computing, Gives Rise To Security Concerns. The Data Compromise May Occur Due To Attacks By Other Users And Nodes Within The Cloud. Therefore, High Security Measures Are Required To Protect Data Within The Cloud. However, The Employed Security Strategy Must Also Take Into Account The Optimization Of The Data Retrieval Time. In This Paper, We Propose Division And Replication Of Data In The Cloud For Optimal Performance And Security (DROPS) That Collectively Approaches The Security And Performance Issues. In The DROPS Methodology, We Divide A File Into Fragments, And Replicate The Fragmented Data Over The Cloud Nodes. Each Of The Nodes Stores Only A Single Fragment Of A Particular Data File That Ensures That Even In Case Of A Successful Attack, No Meaningful Information Is Revealed To The Attacker. Moreover, The Nodes Storing The Fragments, Are Separated With Certain Distance By Means Of Graph T-coloring To Prohibit An Attacker Of Guessing The Locations Of The Fragments. Furthermore, The DROPS Methodology Does Not Rely On The Traditional Cryptographic Techniques For The Data Security; Thereby Relieving The System Of Computationally Expensive Methodologies. We Show That The Probability To Locate And Compromise All Of The Nodes Storing The Fragments Of A Single File Is Extremely Low. We Also Compare The Performance Of The DROPS Methodology With 10 Other Schemes. The Higher Level Of Security With Slight Performance Overhead Was Observed.

SERVICE ORIENTED MOBILE SOCIAL NETWORK- Enabling Trustworthy Service Evaluation In Service-Oriented Mobile Social Networks

In This Paper, We Propose A Trustworthy Service Evaluation (TSE) System To Enable Users To Share Service Reviews In Service-oriented Mobile Social Networks (S-MSNs). Each Service Provider Independently Maintains A TSE For Itself, Which Collects And Stores Users' Reviews About Its Services Without Requiring Any Third Trusted Authority. The Service Reviews Can Then Be Made Available To Interested Users In Making Wise Service Selection Decisions. We Identify Three Unique Service Review Attacks, I.e., Linkability, Rejection, And Modification Attacks, And Develop Sophisticated Security Mechanisms For The TSE To Deal With These Attacks. Specifically, The Basic TSE (bTSE) Enables Users To Distributedly And Cooperatively Submit Their Reviews In An Integrated Chain Form By Using Hierarchical And Aggregate Signature Techniques. It Restricts The Service Providers To Reject, Modify, Or Delete The Reviews. Thus, The Integrity And Authenticity Of Reviews Are Improved. Further, We Extend The BTSE To A Sybil-resisted TSE (SrTSE) To Enable The Detection Of Two Typical Sybil Attacks. In The SrTSE, If A User Generates Multiple Reviews Toward A Vendor In A Predefined Time Slot With Different Pseudonyms, The Real Identity Of That User Will Be Revealed. Through Security Analysis And Numerical Results, We Show That The BTSE And The SrTSE Effectively Resist The Service Review Attacks And The SrTSE Additionally Detects The Sybil Attacks In An Efficient Manner. Through Performance Evaluation, We Show That The BTSE Achieves Better Performance In Terms Of Submission Rate And Delay Than A Service Review System That Does Not Adopt User Cooperation.

RECOMMEND FOR USER INTEREST AND SOCIAL CIRCLE - Personalized Recommendation Combining User Interest And Social Circle

With The Advent And Popularity Of Social Network, More And More Users Like To Share Their Experiences, Such As Ratings, Reviews, And Blogs. The New Factors Of Social Network Like Interpersonal Influence And Interest Based On Circles Of Friends Bring Opportunities And Challenges For Recommender System To Solve The Cold Start And Sparsity Problem Of Datasets. Some Of The Social Factors Have Been Used In RS, But Have Not Been Fully Considered. In This Paper, Three Social Factors, Personal Interest, Interpersonal Interest Similarity, And Interpersonal Influence, Fuse Into A Unified Personalized Recommendation Model Based On Probabilistic Matrix Factorization. The Factor Of Personal Interest Can Make The RS Recommend Items To Meet Users' Individualities, Especially For Experienced Users. Moreover, For Cold Start Users, The Interpersonal Interest Similarity And Interpersonal Influence Can Enhance The Intrinsic Link Among Features In The Latent Space. We Conduct A Series Of Experiments On Three Rating Datasets: Yelp, MovieLens, And Douban Movie. Experimental Results Show The Proposed Approach Outperforms The Existing RS Approaches.

DATA SHARING IN CLOUDS- SeDaSC Secure Data Sharing In Clouds

Cloud Storage Is An Application Of Clouds That Liberates Organizations From Establishing In-house Data Storage Systems. However, Cloud Storage Gives Rise To Security Concerns. In Case Of Group-shared Data, The Data Face Both Cloud-specific And Conventional Insider Threats. Secure Data Sharing Among A Group That Counters Insider Threats Of Legitimate Yet Malicious Users Is An Important Research Issue. In This Paper, We Propose The Secure Data Sharing In Clouds (SeDaSC) Methodology That Provides: 1) Data Confidentiality And Integrity; 2) Access Control; 3) Data Sharing (forwarding) Without Using Compute-intensive Reencryption; 4) Insider Threat Security; And 5) Forward And Backward Access Control. The SeDaSC Methodology Encrypts A File With A Single Encryption Key. Two Different Key Shares For Each Of The Users Are Generated, With The User Only Getting One Share. The Possession Of A Single Share Of A Key Allows The SeDaSC Methodology To Counter The Insider Threats. The Other Key Share Is Stored By A Trusted Third Party, Which Is Called The Cryptographic Server. The SeDaSC Methodology Is Applicable To Conventional And Mobile Cloud Computing Environments. We Implement A Working Prototype Of The SeDaSC Methodology And Evaluate Its Performance Based On The Time Consumed During Various Operations. We Formally Verify The Working Of SeDaSC By Using High-level Petri Nets, The Satisfiability Modulo Theories Library, And A Z3 Solver. The Results Proved To Be Encouraging And Show That SeDaSC Has The Potential To Be Effectively Used For Secure Data Sharing In The Cloud.

TRUST-BUT-VERIFY- Verifying Result Correctness Of Outsourced Frequent Item Set Mining In Data-mining-as-a-service Paradigm

Cloud Computing Is Popularizing The Computing Paradigm In Which Data Is Outsourced To A Third-party Service Provider (server) For Data Mining. Outsourcing, However, Raises A Serious Security Issue: How Can The Client Of Weak Computational Power Verify That The Server Returned Correct Mining Result? In This Paper, We Focus On The Specific Task Of Frequent Itemset Mining. We Consider The Server That Is Potentially Untrusted And Tries To Escape From Verification By Using Its Prior Knowledge Of The Outsourced Data. We Propose Efficient Probabilistic And Deterministic Verification Approaches To Check Whether The Server Has Returned Correct And Complete Frequent Itemsets. Our Probabilistic Approach Can Catch Incorrect Results With High Probability, While Our Deterministic Approach Measures The Result Correctness With 100 Percent Certainty. We Also Design Efficient Verification Methods For Both Cases That The Data And The Mining Setup Are Updated. We Demonstrate The Effectiveness And Efficiency Of Our Methods Using An Extensive Set Of Empirical Results On Real Datasets.

DATA SECURITY IN CLOUD COMPUTING- Data Security In Cloud Computing Using Blowfish Algorithm

Cloud Computing Has Great Potential Of Providing Robust Computational Power To The Society At Reduced Cost. It Enables Customers With Limited Computational Resources To Outsource Their Large Computation Workloads To The Cloud, And Economically Enjoy The Massive Computational Power, Bandwidth, Storage, And Even Appropriate Software That Can Be Shared In A Pay-per-use Manner .Storing Data In A Third Party’s Cloud System Causes Serious Concern Over Data Confidentiality. General Encryption Schemes Protect Data Confidentiality, But Also Limit The Functionality Of The Storage System Because A Few Operations Are Supported Over Encrypted Data. Constructing A Secure Storage System That Supports Multiple Functions Is Challenging When The Storage System Is Distributed And Has No Central Authority. We Propose A Threshold Proxy Re-encryption Scheme And Integrate It With A Decentralized Erasure Code Such That A Secure Distributed Storage System Is Formulated. The Distributed Storage System Not Only Supports Secure And Robust Data Storage And Retrieval, But Also Lets A User Forward His Data In The Storage Servers To Another User Without Retrieving The Data Back. The Main Technical Contribution Is That The Proxy Re-encryption Scheme Supports Encoding Operations Over Encrypted Messages As Well As Forwarding Operations Over Encoded And Encrypted Messages. Our Method Fully Integrates Encrypting, Encoding, And Forwarding. We Analyze And Suggest Suitable Parameters For The Number Of Copies Of A Message Dispatched To Storage Servers And The Number Of Storage Servers Queried By A Key Server.

SERVICE MANAGEMENT IN CLOUD- A Flexible Architecture For Service Management In The Cloud

Cloud Computing Is A Style Of Computing Where Different Capabilities Are Provided As A Service To Customers Using Internet Technologies. The Most Common Offered Services Are Infrastructure (IasS), Software (SaaS) And Platform (PaaS). This Work Integrates The Service Management Into The Cloud Computing Concept And Shows How Management Can Be Provided As A Service In The Cloud. Nowadays, Services Need To Adapt Their Functionalities Across Heterogeneous Environments With Different Technological And Administrative Domains. The Implied Complexity Of This Situation Can Be Simplified By A Service Management Architecture In The Cloud. This Paper Focuses On This Architecture, Taking Into Account Specific Service Management Functionalities, Like Incident Management Or KPI/SLA Management, And Provides A Complete Solution. The Proposed Architecture Is Based On A Distributed Set Of Agents, Using Semantic-based Techniques: A Shared Knowledge Plane, Instantiated In The Cloud, Has Been Introduced To Ensure Communication Between Agents.

CLOUD PROVIDERS- A Novel Economic Sharing Model In A Federation Of Selfish Cloud Providers

This Paper Presents A Novel Economic Model To Regulate Capacity Sharing In A Federation Of Hybrid Cloud Providers (CPs). The Proposed Work Models The Interactions Among The CPs As A Repeated Game Among Selfish Players That Aim At Maximizing Their Profit By Selling Their Unused Capacity In The Spot Market But Are Uncertain Of Future Workload Fluctuations. The Proposed Work First Establishes That The Uncertainty In Future Revenue Can Act As A Participation Incentive To Sharing In The Repeated Game. We, Then, Demonstrate How An Efficient Sharing Strategy Can Be Obtained Via Solving A Simple Dynamic Programming Problem. The Obtained Strategy Is A Simple Update Rule That Depends Only On The Current Workloads And A Single Variable Summarizing Past Interactions. In Contrast To Existing Approaches, The Model Incorporates Historical And Expected Future Revenue As Part Of The Virtual Machine (VM) Sharing Decision. Moreover, These Decisions Are Not Enforced Neither By A Centralized Broker Nor By Predefined Agreements. Rather, The Proposed Model Employs A Simple Grim Trigger Strategy Where A CP Is Threatened By The Elimination Of Future VM Hosting By Other CPs. Simulation Results Demonstrate The Performance Of The Proposed Model In Terms Of The Increased Profit And The Reduction In The Variance In The Spot Market VM Availability And Prices.

A SOCIAL COMPUTE CLOUD- Allocating And Sharing Infrastructure Resources Via Social Networks

Social Network Platforms Have Rapidly Changed The Way That People Communicate And Interact. They Have Enabled The Establishment Of, And Participation In, Digital Communities As Well As The Representation, Documentation And Exploration Of Social Relationships. We Believe That As `apps' Become More Sophisticated, It Will Become Easier For Users To Share Their Own Services, Resources And Data Via Social Networks. To Substantiate This, We Present A Social Compute Cloud Where The Provisioning Of Cloud Infrastructure Occurs Through “friend” Relationships. In A Social Compute Cloud, Resource Owners Offer Virtualized Containers On Their Personal Computer(s) Or Smart Device(s) To Their Social Network. However, As Users May Have Complex Preference Structures Concerning With Whom They Do Or Do Not Wish To Share Their Resources, We Investigate, Via Simulation, How Resources Can Be Effectively Allocated Within A Social Community Offering Resources On A Best Effort Basis. In The Assessment Of Social Resource Allocation, We Consider Welfare, Allocation Fairness, And Algorithmic Runtime. The Key Findings Of This Work Illustrate How Social Networks Can Be Leveraged In The Construction Of Cloud Computing Infrastructures And How Resources Can Be Allocated In The Presence Of User Sharing Preferences.

INVESTIGATE DATA CENTER PERFORMANCE- A Stochastic Model To Investigate Data Center Performance And QoS In IaaS Cloud Computing Systems

Cloud Data Center Management Is A Key Problem Due To The Numerous And Heterogeneous Strategies That Can Be Applied, Ranging From The VM Placement To The Federation With Other Clouds. Performance Evaluation Of Cloud Computing Infrastructures Is Required To Predict And Quantify The Cost-benefit Of A Strategy Portfolio And The Corresponding Quality Of Service (QoS) Experienced By Users. Such Analyses Are Not Feasible By Simulation Or On-the-field Experimentation, Due To The Great Number Of Parameters That Have To Be Investigated. In This Paper, We Present An Analytical Model, Based On Stochastic Reward Nets (SRNs), That Is Both Scalable To Model Systems Composed Of Thousands Of Resources And Flexible To Represent Different Policies And Cloud-specific Strategies. Several Performance Metrics Are Defined And Evaluated To Analyze The Behavior Of A Cloud Data Center: Utilization, Availability, Waiting Time, And Responsiveness. A Resiliency Analysis Is Also Provided To Take Into Account Load Bursts. Finally, A General Approach Is Presented That, Starting From The Concept Of System Capacity, Can Help System Managers To Opportunely Set The Data Center Parameters Under Different Working Conditions.

PRIVACY PRESERVING AUTHENTICATION - Shared Authority Based Privacy-preserving Authentication Protocol In Cloud Computing

Cloud Computing Is An Emerging Data Interactive Paradigm To Realize Users' Data Remotely Stored In An Online Cloud Server. Cloud Services Provide Great Conveniences For The Users To Enjoy The On-demand Cloud Applications Without Considering The Local Infrastructure Limitations. During The Data Accessing, Different Users May Be In A Collaborative Relationship, And Thus Data Sharing Becomes Significant To Achieve Productive Benefits. The Existing Security Solutions Mainly Focus On The Authentication To Realize That A User's Privative Data Cannot Be Illegally Accessed, But Neglect A Subtle Privacy Issue During A User Challenging The Cloud Server To Request Other Users For Data Sharing. The Challenged Access Request Itself May Reveal The User's Privacy No Matter Whether Or Not It Can Obtain The Data Access Permissions. In This Paper, We Propose A Shared Authority Based Privacy-preserving Authentication Protocol (SAPA) To Address Above Privacy Issue For Cloud Storage. In The SAPA, 1) Shared Access Authority Is Achieved By Anonymous Access Request Matching Mechanism With Security And Privacy Considerations (e.g., Authentication, Data Anonymity, User Privacy, And Forward Security); 2) Attribute Based Access Control Is Adopted To Realize That The User Can Only Access Its Own Data Fields; 3) Proxy Re-encryption Is Applied To Provide Data Sharing Among The Multiple Users. Meanwhile, Universal Composability (UC) Model Is Established To Prove That The SAPA Theoretically Has The Design Correctness. It Indicates That The Proposed Protocol Is Attractive For Multi-user Collaborative Cloud Applications.

SECURE AUTHERIZED DEDUPLICATION - A Hybrid Cloud Approach For Secure Authorized Deduplication

Data Deduplication Is One Of Important Data Compression Techniques For Eliminating Duplicate Copies Of Repeating Data, And Has Been Widely Used In Cloud Storage To Reduce The Amount Of Storage Space And Save Bandwidth. To Protect The Confidentiality Of Sensitive Data While Supporting Deduplication, The Convergent Encryption Technique Has Been Proposed To Encrypt The Data Before Outsourcing. To Better Protect Data Security, This Paper Makes The First Attempt To Formally Address The Problem Of Authorized Data Deduplication. Different From Traditional Deduplication Systems, The Differential Privileges Of Users Are Further Considered In Duplicate Check Besides The Data Itself. We Also Present Several New Deduplication Constructions Supporting Authorized Duplicate Check In A Hybrid Cloud Architecture. Security Analysis Demonstrates That Our Scheme Is Secure In Terms Of The Definitions Specified In The Proposed Security Model. As A Proof Of Concept, We Implement A Prototype Of Our Proposed Authorized Duplicate Check Scheme And Conduct Testbed Experiments Using Our Prototype. We Show That Our Proposed Authorized Duplicate Check Scheme Incurs Minimal Overhead Compared To Normal Operations.

AUDITING FOR SHARED DATAIN CLOUD Privacy-Preserving Public Auditing For Shared Data In The Cloud

With Cloud Data Services, It Is Commonplace For Data To Be Not Only Stored In The Cloud, But Also Shared Across Multiple Users. Unfortunately, The Integrity Of Cloud Data Is Subject To Skepticism Due To The Existence Of Hardware/software Failures And Human Errors. Several Mechanisms Have Been Designed To Allow Both Data Owners And Public Verifiers To Efficiently Audit Cloud Data Integrity Without Retrieving The Entire Data From The Cloud Server. However, Public Auditing On The Integrity Of Shared Data With These Existing Mechanisms Will Inevitably Reveal Confidential Information—identity Privacy—to Public Verifiers. In This Paper, We Propose A Novel Privacy-preserving Mechanism That Supports Public Auditing On Shared Data Stored In The Cloud. In Particular, We Exploit Ring Signatures To Compute Verification Metadata Needed To Audit The Correctness Of Shared Data. With Our Mechanism, The Identity Of The Signer On Each Block In Shared Data Is Kept Private From Public Verifiers, Who Are Able To Efficiently Verify Shared Data Integrity Without Retrieving The Entire File. In Addition, Our Mechanism Is Able To Perform Multiple Auditing Tasks Simultaneously Instead Of Verifying Them One By One. Our Experimental Results Demonstrate The Effectiveness And Efficiency Of Our Mechanism When Auditing Shared Data Integrity.

PERFORMACE AND COST EVALUATION - Performance And Cost Evaluation Of An Adaptive Encryption Architecture For Cloud Databases

The Cloud Database As A Service Is A Novel Paradigm That Can Support Several Internet-based Applications, But Its Adoption Requires The Solution Of Information Confidentiality Problems. We Propose A Novel Architecture For Adaptive Encryption Of Public Cloud Databases That Offers An Interesting Alternative To The Tradeoff Between The Required Data Confidentiality Level And The Flexibility Of The Cloud Database Structures At Design Time. We Demonstrate The Feasibility And Performance Of The Proposed Solution Through A Software Prototype. Moreover, We Propose An Original Cost Model That Is Oriented To The Evaluation Of Cloud Database Services In Plain And Encrypted Instances And That Takes Into Account The Variability Of Cloud Prices And Tenant Workloads During A Medium-term Period.

SOCIAL VIDEO SHARING IN CLOUD - AMES-Cloud Framework Of Adaptive Mobile Video Streaming And Efficient Social Video Sharing In The Clouds

While Demands On Video Traffic Over Mobile Networks Have Been Souring, The Wireless Link Capacity Cannot Keep Up With The Traffic Demand. The Gap Between The Traffic Demand And The Link Capacity, Along With Time-varying Link Conditions, Results In Poor Service Quality Of Video Streaming Over Mobile Networks Such As Long Buffering Time And Intermittent Disruptions. Leveraging The Cloud Computing Technology, We Propose A New Mobile Video Streaming Framework, Dubbed AMES-Cloud, Which Has Two Main Parts: Adaptive Mobile Video Streaming (AMoV) And Efficient Social Video Sharing (ESoV). AMoV And ESoV Construct A Private Agent To Provide Video Streaming Services Efficiently For Each Mobile User. For A Given User, AMoV Lets Her Private Agent Adaptively Adjust Her Streaming Flow With A Scalable Video Coding Technique Based On The Feedback Of Link Quality. Likewise, ESoV Monitors The Social Network Interactions Among Mobile Users, And Their Private Agents Try To Prefetch Video Content In Advance. We Implement A Prototype Of The AMES-Cloud Framework To Demonstrate Its Performance. It Is Shown That The Private Agents In The Clouds Can Effectively Provide The Adaptive Streaming, And Perform Video Sharing (i.e., Prefetching) Based On The Social Network Analysis.

DATA SHARING FOR DYNAMIC GROPUS IN CLOUD - MONA-Multi-Owner Data Sharing For Dynamic Groups In The Cloud

With The Character Of Low Maintenance, Cloud Computing Provides An Economical And Efficient Solution For Sharing Group Resource Among Cloud Users. Unfortunately, Sharing Data In A Multi-owner Manner While Preserving Data And Identity Privacy From An Untrusted Cloud Is Still A Challenging Issue, Due To The Frequent Change Of The Membership. In This Paper, We Propose A Secure Multi-owner Data Sharing Scheme, Named Mona, For Dynamic Groups In The Cloud. By Leveraging Group Signature And Dynamic Broadcast Encryption Techniques, Any Cloud User Can Anonymously Share Data With Others. Meanwhile, The Storage Overhead And Encryption Computation Cost Of Our Scheme Are Independent With The Number Of Revoked Users. In Addition, We Analyze The Security Of Our Scheme With Rigorous Proofs, And Demonstrate The Efficiency Of Our Scheme In Experiments

DATA SECURITY IN CLOUD COMPUTING - Ensuring Data Security In Cloud Computing

With The Advent Of Cloud Computing, Data Owners Are Motivated To Outsource Their Complex Data Management Systems From Local Sites To Commercial Public Cloud For Great Flexibility And Economic Savings. But For Protecting Data Privacy, Sensitive Data Has To Be Encrypted Before Outsourcing, Which Obsoletes Traditional Data Utilization Based On Plaintext Keyword Search. Thus, Enabling An Encrypted Cloud Data Search Service Is Of Paramount Importance. Considering The Large Number Of Data Users And Documents In Cloud, It Is Crucial For The Search Service To Allow Multi-keyword Query And Provide Result Similarity Ranking To Meet The Effective Data Retrieval Need. Related Works On Searchable Encryption Focus On Single Keyword Search Or Boolean Keyword Search, And Rarely Differentiate The Search Results. In This Paper, For The First Time, We Define And Solve The Challenging Problem Of Privacy-preserving Multi-keyword Ranked Search Over Encrypted Cloud Data (MRSE), And Establish A Set Of Strict Privacy Requirements For Such A Secure Cloud Data Utilization System To Become A Reality. Among Various Multi-keyword Semantics, We Choose The Efficient Principle Of “coordinate Matching”, I.e., As Many Matches As Possible, To Capture The Similarity Between Search Query And Data Documents, And Further Use “inner Product Similarity” To Quantitatively Formalize Such Principle For Similarity Measurement. We First Propose A Basic MRSE Scheme Using Secure Inner Product Computation, And Then Significantly Improve It To Meet Different Privacy Requirements In Two Levels Of Threat Models. Thorough Analysis Investigating Privacy And Efficiency Guarantees Of Proposed Schemes Is Given, And Experiments On The Real-world Dataset Further Show Proposed Schemes Indeed Introduce Low Overhead On Computation And Communication.

MULTI CLOUD ARCHITECTURE - Security And Privacy Enhancing Multi-Cloud Architecture

Security Challenges Are Still Among The Biggest Obstacles When Considering The Adoption Of Cloud Services. This Triggered A Lot Of Research Activities, Resulting In A Quantity Of Proposals Targeting The Various Cloud Security Threats. Alongside With These Security Issues, The Cloud Paradigm Comes With A New Set Of Unique Features, Which Open The Path Toward Novel Security Approaches, Techniques, And Architectures. This Paper Provides A Survey On The Achievable Security Merits By Making Use Of Multiple Distinct Clouds Simultaneously. Various Distinct Architectures Are Introduced And Discussed According To Their Security And Privacy Capabilities And Prospects.

SERVICE BASED APPLICATION IN THE CLOUD- A Decentralized Self-adaptation Mechanism For Service-based Applications In The Cloud

Cloud Computing, With Its Promise Of (almost) Unlimited Computation, Storage, And Bandwidth, Is Increasingly Becoming The Infrastructure Of Choice For Many Organizations. As Cloud Offerings Mature, Service-based Applications Need To Dynamically Recompose Themselves To Self-adapt To Changing QoS Requirements. In This Paper, We Present A Decentralized Mechanism For Such Self-adaptation, Using Market-based Heuristics. We Use A Continuous Double-auction To Allow Applications To Decide Which Services To Choose, Among The Many On Offer. We View An Application As A Multi-agent System And The Cloud As A Marketplace Where Many Such Applications Self-adapt. We Show Through A Simulation Study That Our Mechanism Is Effective For The Individual Application As Well As From The Collective Perspective Of All Applications Adapting At The Same Time.

SECURE DATA FORWARDING - A Secure Erasure Code Based Cloud Storage System With Secure Data Forwarding

A Cloud Storage System, Consisting Of A Collection Of Storage Servers, Provides Long-term Storage Services Over The Internet. Storing Data In A Third Party's Cloud System Causes Serious Concern Over Data Confidentiality. General Encryption Schemes Protect Data Confidentiality, But Also Limit The Functionality Of The Storage System Because A Few Operations Are Supported Over Encrypted Data. Constructing A Secure Storage System That Supports Multiple Functions Is Challenging When The Storage System Is Distributed And Has No Central Authority. We Propose A Threshold Proxy Re-encryption Scheme And Integrate It With A Decentralized Erasure Code Such That A Secure Distributed Storage System Is Formulated. The Distributed Storage System Not Only Supports Secure And Robust Data Storage And Retrieval, But Also Lets A User Forward His Data In The Storage Servers To Another User Without Retrieving The Data Back. The Main Technical Contribution Is That The Proxy Re-encryption Scheme Supports Encoding Operations Over Encrypted Messages As Well As Forwarding Operations Over Encoded And Encrypted Messages. Our Method Fully Integrates Encrypting, Encoding, And Forwarding. We Analyze And Suggest Suitable Parameters For The Number Of Copies Of A Message Dispatched To Storage Servers And The Number Of Storage Servers Queried By A Key Server. These Parameters Allow More Flexible Adjustment Between The Number Of Storage Servers And Robustness.

HIERARCHICAL ATTRIBUTE - HASBE-A Hierarchical Attribute Based Solution For Flexible And Scalable Access Control In Cloud Computing

Cloud Computing Has Emerged As One Of The Most Influential Paradigms In The IT Industry In Recent Years. Since This New Computing Technology Requires Users To Entrust Their Valuable Data To Cloud Providers, There Have Been Increasing Security And Privacy Concerns On Outsourced Data. Several Schemes Employing Attribute-based Encryption (ABE) Have Been Proposed For Access Control Of Outsourced Data In Cloud Computing; However, Most Of Them Suffer From Inflexibility In Implementing Complex Access Control Policies. In Order To Realize Scalable, Flexible, And Fine-grained Access Control Of Outsourced Data In Cloud Computing, In This Paper, We Propose Hierarchical Attribute-set-based Encryption (HASBE) By Extending Ciphertext-policy Attribute-set-based Encryption (ASBE) With A Hierarchical Structure Of Users. The Proposed Scheme Not Only Achieves Scalability Due To Its Hierarchical Structure, But Also Inherits Flexibility And Fine-grained Access Control In Supporting Compound Attributes Of ASBE. In Addition, HASBE Employs Multiple Value Assignments For Access Expiration Time To Deal With User Revocation More Efficiently Than Existing Schemes. We Formally Prove The Security Of HASBE Based On Security Of The Ciphertext-policy Attribute-based Encryption Scheme By Bethencourt And Analyze Its Performance And Computational Complexity. We Implement Our Scheme And Show That It Is Both Efficient And Flexible In Dealing With Access Control For Outsourced Data In Cloud Computing With Comprehensive Experiments.

RANKING PREDICTION - QoS Ranking Prediction For Cloud Services

Cloud Computing Is Becoming Popular. Building High-quality Cloud Applications Is A Critical Research Problem. QoS Rankings Provide Valuable Information For Making Optimal Cloud Service Selection From A Set Of Functionally Equivalent Service Candidates. To Obtain QoS Values, Real-world Invocations On The Service Candidates Are Usually Required. To Avoid The Time-consuming And Expensive Real-world Service Invocations, This Paper Proposes A QoS Ranking Prediction Framework For Cloud Services By Taking Advantage Of The Past Service Usage Experiences Of Other Consumers. Our Proposed Framework Requires No Additional Invocations Of Cloud Services When Making QoS Ranking Prediction. Two Personalized QoS Ranking Prediction Approaches Are Proposed To Predict The QoS Rankings Directly. Comprehensive Experiments Are Conducted Employing Real-world QoS Data, Including 300 Distributed Users And 500 Real-world Web Services All Over The World. The Experimental Results Show That Our Approaches Outperform Other Competing Approaches.

CQA POST VOTING PREDICTION - QAAN Question Answering Attention Networking For Community Question Classification

Community Question Answering (CQA) Provides Platforms For Users With Various Backgrounds To Obtain Information And Share Knowledge. In Recent Years, With The Rapid Development Of Such Online Platforms, An Enormous Amount Of Archive Data Has Accumulated, It Becomes More And More Difficult For Expert Users To Identify Desirable Questions. In Order To Reduce The Proportion Of Unanswered Questions In CQA, Facilitate Expert Users To Find The Questions They Are Interested In, Question Classification Becomes An Important Task Of CQA, Which Aims To Assign A Newly Posted Question To A Specific Preset Category. In This Paper, We Propose A Novel Question Answering Attention Network (QAAN) For Investigating The Role Of The Paired Answer Of Questions For Classification. Specifically, QAAN Studies The Correlation Between Question And Paired Answer, Taking The Questions As The Primary Part Of The Question Representation, And The Answer Information Is Aggregated Based On Similarity And Disparity With The Answer. Our Experiment Is Implemented On Yahoo! Answers Dataset. The Results Show That QAAN Outperforms All The Baseline Models.

REPRESENTATIVE TRAVEL ROUTE RECOMMENDATION- Personalized Tourism Route Recommendation System Based On Dynamic Clustering Of User Groups

Tourism Path Dynamic Planning Is An Asynchronous Group Model Planning Problem. It Is Required To Find Group Patterns With Similar Trajectory Behavior Under The Constraint Of Unequal Time Intervals. Traditional Trajectory Group Pattern Mining Algorithms Often Deal With GPS Data With Fixed Time Interval Sampling Constraints, So They Can Not Be Directly Used In Coterie Pattern Mining. At The Same Time, Traditional Group Pattern Mining Has The Problem Of Lack Of Semantic Information, Which Reduces The Integrity And Accuracy Of Personalized Travel Route Recommendation. Therefore, This Paper Proposes A Semantic Based Distance Sensitive Recommendation Strategy. In Order To Efficiently Process Large-scale Social Network Trajectory Data, This Paper Uses MapReduce Programming Model With Optimized Clustering To Mine Coterie Group Patterns. The Experimental Results Show That: Under MapReduce Programming Model, Coterie Group Pattern Mining With Optimized Clustering And Semantic Information Is Superior To Traditional Group Mode In Personalized Travel Route Recommendation Quality, And Can Effectively Process Large-scale Social Network Trajectory Data.

CREDIT CARD FRAUD DETECTION - Fraud Detection In Credit Card Data Using Unsupervised Machine Learning Based Scheme

Development Of Communication Technologies And E-commerce Has Made The Credit Card As The Most Common Technique Of Payment For Both Online And Regular Purchases. So, Security In This System Is Highly Expected To Prevent Fraud Transactions. Fraud Transactions In Credit Card Data Transaction Are Increasing Each Year. In This Direction, Researchers Are Also Trying The Novel Techniques To Detect And Prevent Such Frauds. However, There Is Always A Need Of Some Techniques That Should Precisely And Efficiently Detect These Frauds. This Paper Proposes A Scheme For Detecting Frauds In Credit Card Data Which Uses A Neural Network (NN) Based Unsupervised Learning Technique. Proposed Method Outperforms The Existing Approaches Of Auto Encoder (AE), Local Outlier Factor (LOF), Isolation Forest (IF) And K-Means Clustering. Proposed NN Based Fraud Detection Method Performs With 99.87% Accuracy Whereas Existing Methods AE, IF, LOF And K Means Gives 97%, 98%, 98% And 99.75% Accuracy Respectively.

SECURE MINING OF ASSOCIATION RULES - Scalable Privacy-Preserving Distributed Extremely Randomized Trees For Structured Data With Multiple Colluding Parties

Today, In Many Real-world Applications Of Machine Learning Algorithms, The Data Is Stored On Multiple Sources Instead Of At One Central Repository. In Many Such Scenarios, Due To Privacy Concerns And Legal Obligations, E.g., For Medical Data, And Communication/computation Overhead, For Instance For Large Scale Data, The Raw Data Cannot Be Transferred To A Center For Analysis. Therefore, New Machine Learning Approaches Are Proposed For Learning From The Distributed Data In Such Settings. In This Paper, We Extend The Distributed Extremely Randomized Trees (ERT) Approach W.r.t. Privacy And Scalability. First, We Extend Distributed ERT To Be Resilient W.r.t. The Number Of Colluding Parties In A Scalable Fashion. Then, We Extend The Distributed ERT To Improve Its Scalability Without Any Major Loss In Classification Performance. We Refer To Our Proposed Approach As K-PPD-ERT Or Privacy-Preserving Distributed Extremely Randomized Trees With K Colluding Parties.

TAXI DRIVERS ROUTE CHOICE BEHAVIOR USING THE TRACE RECORDS- A Mixed Path Size Logit-Based Taxi Customer-Search Model Considering Spatio-Temporal Factors In Route Choice

This Paper Introduces A Model To Analyze Route Choice Behavior Of Taxi Drivers For Finding Next Passenger In Urban Road Network. Considering The Situation Of Path Overlapping Between Selected Routes In The Process Of Customer-searching, A Mixed Path Size Logit Model Is Proposed To Analyze Route Choice Behaviors Through Considering Spatio-temporal Features Of Route Including Customer Generation Rate, Path Travel Time, Cumulative Intersection Delay, Path Distance, And Path Size. Specially, Customer Generation Rate Is Defined As Attraction Strength Based On Historical Pick-up Records In The Route, The Intersection Travel Delay And Path Travel Time Are Estimated Based On Large Scaled Taxi Global Positioning System Trajectories. In The Experiment, The GPS Data Were Collected From About 36000 Taxi Vehicles In Beijing At 30-s Interval During Six Months. In The Model Application, An Area Of Approximately 10 Square Kilometers In The Center Of Beijing Is Selected To Demonstrate The Effectiveness Of The Proposed Model. The Results Indicated That The MPSL Model Could Effectively Analyze The Route Choice Behavior In Customer-searching Process And Express Higher Accuracy Than Traditional Multinomial Logit Model And Basic PSL Model.

FILE TRANSFER USING CRYPTOGRAPHIC TECHNIQUE - Enhancing Secure Digital Communication Media Using Cryptographic Steganography Techniques

Data Hiding Technique Is The Process Of Anti-computer Forensic For Making The Data Difficult To Accessible. Steganography Is Merging Texts, Files, Or Other Multimedia Files Within Another Texts, Files, Or Other Multimedia Files To Reduce The Visible Attack And It Is An Approach Of Data Hiding Technique. Cryptography Is Changing The Readable Text To Illegible Information. This Paper Presents About Secure Communication Media Which Is Used In Transferring Text, Multimedia Or Relevant Digital File Between Sender And Receiver Securely. To Have Securing Communication Media, The Media Required To Reduce The Possible Threats And Vulnerabilities. Therefore, Transferred Media Is Main Thing To Consideration For Having Communication System Firmly. Data Hiding Techniques Are Used To Improve The Security Of Communication Media Using Salt Encryption. This Paper Is Proposed The Methodology To Develop The Secure Communication Media Using Combination Of Cryptography And Steganography Techniques By Describing Experimental Results From Difference Technical Analysis.

PREDICT LENGTH OF STAY OF STROKE PATIENTS USING DATA MINING TECHNIQUES - SNOMED CT-Based Standardized E-Clinical Pathways For Enabling Big Data Analytics In Healthcare

Automation Of Healthcare Facilities Represents A Challenging Task Of Streamlining A Highly Information-intensive Sector. Modern Healthcare Processes Produce Large Amounts Of Data That Have Great Potential For Health Policymakers And Data Science Researchers. However, A Considerable Portion Of Such Data Is Not Captured In Electronic Format And Hidden Inside The Paperwork. A Major Source Of Missing Data In Healthcare Is Paper-based Clinical Pathways (CPs). CPs Are Healthcare Plans That Detail The Interventions For The Treatment Of Patients, And Thus Are The Primary Source For Healthcare Data. However, Most CPs Are Used As Paper-based Documents And Not Fully Automated. A Key Contribution Towards The Full Automation Of CPs Is Their Proper Computer Modeling And Encoding Their Data With International Clinical Terminologies. We Present In This Research An Ontology-based CP Automation Model In Which CP Data Are Standardized With SNOMED CT, Thus Enabling Machine Learning Algorithms To Be Applied To CP-based Datasets. CPs Automated Under This Model Contribute Significantly To Reducing Data Missingness Problems, Enabling Detailed Statistical Analyses On CP Data, And Improving The Results Of Data Analytics Algorithms. Our Experimental Results On Predicting The Length Of Stay (LOS) Of Stroke Patients Using A Dataset Resulting From An E-clinical Pathway Demonstrate Improved Prediction Results Compared With LOS Prediction Using Traditional EHR-based Datasets. Fully Automated CPs Enrich Medical Datasets With More CP Data And Open New Opportunities For Machine Learning Algorithms To Show Their Full Potential In Improving Healthcare, Reducing Costs, And Increasing Patient Satisfaction

PREDICT CHANGING STUDENTS ATTITUDE USING DATA MINING - Supporting Teachers To Monitor Students Learning Progress In An Educational Environment With Robotics Activities

Educational Robotics Has Proven Its Positive Impact On The Performances And Attitudes Of Students. However, The Educational Environments That Employ Them Rarely Provide Teachers With Relevant Information That Can Be Used To Make An Effective Monitoring Of The Student Learning Progress. To Overcome These Limitations, In This Paper We Present IDEE (Integrated Didactic Educational Environment), An Educational Environment For Physics, That Uses EV3 LEGO Mindstorms R Educational Kit As Robotic Component. To Provide Support To Teachers, IDEE Includes A Dashboard That Provides Them With Information About The Students’ Learning Process. This Analysis Is Done By Means Of An Additive Factor Model (AFM). That Is A Well-known Technique In The Educational Data Mining Research Area. However, It Has Been Usually Employed To Carry Out Analysis About Students’ Performance Data Outside The System. This Can Be A Burden For The Teacher Who, In Most Cases, Is Not An Expert In Data Analysis. Our Goal In This Paper Is To Show How The Coefficients Of AFM Provide Valuable Information To The Teacher Without Requiring Any Deep Expertise In Data Analysis. In Addition, We Show An Improved Version Of The AFM That Provides A Deeper Understanding About The Students’ Learning Process.

MALWARE DETECTION IN GOOGLE PLAY - Towards De-Anonymization Of Google Play Search Rank Fraud

Search Rank Fraud, The Fraudulent Promotion Of Products Hosted On Peer-review Sites, Is Driven By Expert Workers Recruited Online, Often From Crowdsourcing Sites. In This Paper We Introduce The Fraud De-anonymization Problem, That Goes Beyond Fraud Detection, To Unmask The Human Masterminds Responsible For Posting Search Rank Fraud In Peer-review Sites. We Collect And Study Data From Crowdsourced Search Rank Fraud Jobs, And Survey The Capabilities And Behaviors Of 58 Search Rank Fraud Workers Recruited From 6 Crowdsourcing Sites. We Collect A Gold Standard Dataset Of Google Play User Accounts Attributed To 23 Crowdsourced Workers And Analyze Their Fraudulent Behaviors In The Wild. We Propose Dolos , A Fraud De-anonymization System That Leverages Traits And Behaviors We Extract From Our Studies, To Attribute Detected Fraud To Crowdsourcing Site Workers, Thus To Real Identities And Bank Accounts. We Introduce MCDense, A Min-cut Dense Component Detection Algorithm To Uncover Groups Of User Accounts Controlled By Different Workers, And Use Stylometry And Supervised Learning To Attribute Them To Crowdsourcing Site Profiles. Dolos Correctly Identified The Owners Of 95 Percent Of Fraud Worker-controlled Communities, And Uncovered Fraud Workers Who Promoted As Many As 97.5 Percent Of Fraud Apps We Collected From Google Play. When Evaluated On 13,087 Apps (820,760 Reviews), Which We Monitored Over More Than 6 Months, Dolos Identified 1,056 Apps With Suspicious Reviewer Groups. We Report Orthogonal Evidence Of Their Fraud, Including Fraud Duplicates And Fraud Re-posts. Dolos Significantly Outperformed Adapted Dense Subgraph Detection And Loopy Belief Propagation Competitors, On Two New Coverage Scores That Measure The Quality Of Detected Community Partitions.

LOCATION AWARE KEYWORD QUERY SUGGESTION - Integrating “Random Forest” With Indexing And Query Processing For Personalized Search

The Internet Has Become An Integral Part Of At Least 4.4 Billion Lives. An Average Person Looks At Their Device At Least 20 Times A Day. One Can Only Imagine The Amount Of Queries A Search Engine Gets On A Daily Basis. With The Help Of All The Data Acquired Over The Years, The Internet Updates Us With All The Biggest Trends And Live Events Happening All Over The World. A Search Engine Is Able To Provide Query Suggestions Based On The Number Of Times A Keyword Has Been Searched For Or The Current Query Relates To A Certain Trend. All These Trends Are Updated To Every Device Internationally Or Locally. This Concept Is Generalized Throughout All Devices That Use Any Kind Of Search Engine On Any Application. Through This Paper We Intend To Propose To Use Random Forest As A Predictive Model To Be Integrated With The Indexing Process Of The Search Engine To Produce Query Suggestions That A User Would Want To Search, Contrary To The Query Suggestions That Are Usually Displayed Based On Hyped Trends And Fashion.

USER TRUST AND ITEM RATINGS PREDICT - A Novel Implicit Trust Recommendation Approach For Rating Prediction

Rating Predictions, As An Application That Is Widely Used In Recommender Systems, Have Gradually Become A Valuable Way Which Can Help User Narrow Down Their Choices Quickly And Make Wise Decisions From The Vast Amount Of Information. However, Most Existing Collaborative Recommendation Models Suffer From Poor Accuracy Due To Data Sparsity And Cold Start Problems That Recommender Systems Contain Only A Few Explicit Data. To Solve This Problem, A New Implicit Trust Recommendation Approach (ITRA) Is Proposed To Generate Item Rating Prediction By Mining And Utilizing User Implicit Information In Recommender Systems. Specifically, User Trust Neighbor Set That Has Similar Preference And Taste With A Target User Is First Obtained By Trust Expansion Strategy Via User Trust Diffusion Features In A Trust Network. Then, The Trust Ratings Mined From User Trust Neighbors Are Used To Compute Trust Similarity Among Users Based On User Collaborative Filtering Model. Finally, Using The Above Filtered Trust Ratings And User Trust Similarity, The Prediction Results Are Generated By A Trust Weighting Method. In Addition, The Empirical Experiments Are Conducted On Three Real-world Datasets, And The Results Demonstrate That Our Rating Prediction Model Has Obvious Advantages Over The State-of-the-art Comparison Methods In Terms Of The Accuracy Of Recommendations.

PRIVACY POLICY INFERENCE OF USER-UPLOADED IMAGES - User Flagging For Posts At 3DTubeorg The First Social Platform For 3D-Exclusive Contents

Social Networks Have Been A Popular Way For A Community To Share Content, Information, And News. Despite Section 230 Of The Communications Decency Act Of 1996 Protecting Social Platforms From Legal Liability Regarding User Uploaded Contents Of Their Platforms In The USA, There Has Been A Recent Call For Some Jurisdiction Over Platform Management Practices. This Duty Of Potential Jurisdiction Would Be Especially Challenging For Social Networks That Are Rich In Multimedia Contents, Such As, Since 3D Capabilities Have A History Of Attracting Adult Materials And Other Controversial Content. This Paper Presents The Design Of To Address Two Major Issues: (1) The Need For A Social Media Platform Of 3D Contents And (2) The Policies And Designs For Mediation Of Said Contents. Content Mediation Can Be Seen As A Compromise Between Two Conflicting Goals: Platform Micromanaging Of Content, Which Is Resource-intensive, And User Notification Of Flagged Content And Material, Prior To Viewing. This Paper Details's Solution To Such A Compromise.

SEMANTICALLY SECURE ENCRYPTED RELATIONAL DATA USING K -NEAREST NEIGHBOR CLASSIFICATION - A Distributed Storage And Computation K-Nearest Neighbor Algorithm Based Cloud-Edge Computing For Cyber-Physical-Social Systems

The K-nearest Neighbor (kNN) Algorithm Is A Classic Supervised Machine Learning Algorithm. It Is Widely Used In Cyber-physical-social Systems (CPSS) To Analyze And Mine Data. However, In Practical CPSS Applications, The Standard Linear KNN Algorithm Struggles To Efficiently Process Massive Data Sets. This Paper Proposes A Distributed Storage And Computation K-nearest Neighbor (D-kNN) Algorithm. The D-kNN Algorithm Has The Following Advantages: First, The Concept Of K-nearest Neighbor Boundaries Is Proposed And The K-nearest Neighbor Search Within The K-nearest Neighbors Boundaries Can Effectively Reduce The Time Complexity Of KNN. Second, Based On The K-neighbor Boundary, Massive Data Sets Beyond The Main Storage Space Are Stored On Distributed Storage Nodes. Third, The Algorithm Performs K-nearest Neighbor Searching Efficiently By Performing Distributed Calculations At Each Storage Node. Finally, A Series Of Experiments Were Performed To Verify The Effectiveness Of The D-kNN Algorithm. The Experimental Results Show That The D-kNN Algorithm Based On Distributed Storage And Calculation Effectively Improves The Operation Efficiency Of K-nearest Neighbor Search. The Algorithm Can Be Easily And Flexibly Deployed In A Cloud-edge Computing Environment To Process Massive Data Sets In CPSS.

COMPLICATION RISK PROFILING IN DIABETES CARE- A Bayesian Multi-Task And Feature Relationship Learning Approach

Diabetes Mellitus, Commonly Known As Diabetes, Is A Chronic Disease That Often Results In Multiple Complications. Risk Prediction Of Diabetes Complications Is Critical For Healthcare Professionals To Design Personalized Treatment Plans For Patients In Diabetes Care For Improved Outcomes. In This Paper, Focusing On Type 2 Diabetes Mellitus (T2DM), We Study The Risk Of Developing Complications After The Initial T2DM Diagnosis From Longitudinal Patient Records. We Propose A Novel Multi-task Learning Approach To Simultaneously Model Multiple Complications Where Each Task Corresponds To The Risk Modeling Of One Complication. Specifically, The Proposed Method Strategically Captures The Relationships (1) Between The Risks Of Multiple T2DM Complications, (2) Between Different Risk Factors, And (3) Between The Risk Factor Selection Patterns, Which Assumes Similar Complications Have Similar Contributing Risk Factors. The Method Uses Coefficient Shrinkage To Identify An Informative Subset Of Risk Factors From High-dimensional Data, And Uses A Hierarchical Bayesian Framework To Allow Domain Knowledge To Be Incorporated As Priors. The Proposed Method Is Favorable For Healthcare Applications Because In Addition To Improved Prediction Performance, Relationships Among The Different Risks And Among Risk Factors Are Also Identified. Extensive Experimental Results On A Large Electronic Medical Claims Database Show That The Proposed Method Outperforms State-of-the-art Models By A Significant Margin. Furthermore, We Show That The Risk Associations Learned And The Risk Factors Identified Lead To Meaningful Clinical Insights.

SUPPLY AND DEMAND CHAIN INTEGRATION- Sustainable Supply And Demand Chain Integration Within Global Manufacturing Industries

Given The Emerging Industrial Management Strategies Considering Three Pillars Of Sustainability In Particular, There Is A Vital Need To Determine The Differences Of Sustainability Practices Within Both Supply And Demand Distribution Systems Through Global Manufacturing Environments Providing With The Successful Global Trade And Logistics. This Research Paper Aims To Explore The Interactions And Advantages Of Sustainability Applications Within Both Supply And Demand Chain Management. The Research Framework Adopted Consists Of Survey Questionnaire Method Which Is Conducted Within A Global Tyre Manufacturing Company. The Research Results And Analysis Justify The Need For The Application Of Ethical Codes, Supply Chain Transformation And The Effective Association Of Industry Executives, Professional Bodies And The Government. The Research Study Also Identifies That The Vital Incentive Factors For The Organisation Towards Sustainable Supply Demand Chain (SSDC) Are Mostly The Financial Benefits Of Doing So And Therefore, A Positive Mind-set Shift Towards Greening Practices Is Required.

MULTI-KEY WORD RANKED SEARCH - Privacy Preserving Multi-Key Word Ranked Search Over Encrypted Cloud Data

With The Advent Of Cloud Computing, Data Owners Are Motivated To Outsource Their Complex Data Management Systems From Local Sites To The Commercial Public Cloud For Great Flexibility And Economic Savings. But For Protecting Data Privacy, Sensitive Data Have To Be Encrypted Before Outsourcing, Which Obsoletes Traditional Data Utilization Based On Plaintext Keyword Search. Thus, Enabling An Encrypted Cloud Data Search Service Is Of Paramount Importance. Considering The Large Number Of Data Users And Documents In The Cloud, It Is Necessary To Allow Multiple Keywords In The Search Request And Return Documents In The Order Of Their Relevance To These Keywords. Related Works On Searchable Encryption Focus On Single Keyword Search Or Boolean Keyword Search, And Rarely Sort The Search Results. In This Paper, For The First Time, We Define And Solve The Challenging Problem Of Privacy-preserving Multi-keyword Ranked Search Over Encrypted Data In Cloud Computing (MRSE). We Establish A Set Of Strict Privacy Requirements For Such A Secure Cloud Data Utilization System. Among Various Multi-keyword Semantics, We Choose The Efficient Similarity Measure Of "coordinate Matching," I.e., As Many Matches As Possible, To Capture The Relevance Of Data Documents To The Search Query. We Further Use "inner Product Similarity" To Quantitatively Evaluate Such Similarity Measure. We First Propose A Basic Idea For The MRSE Based On Secure Inner Product Computation, And Then Give Two Significantly Improved MRSE Schemes To Achieve Various Stringent Privacy Requirements In Two Different Threat Models. To Improve Search Experience Of The Data Search Service, We Further Extend These Two Schemes To Support More Search Semantics. Thorough Analysis Investigating Privacy And Efficiency Guarantees Of Proposed Schemes Is Given. Experiments On The Real-world Data Set Further Show Proposed Schemes Indeed Introduce Low Overhead On Computation And Communication.

SKYLINE PRODUCT - Finding Optimal Skyline Product Combination Under Price Promotion

Nowadays, With The Development Of E-commerce, A Growing Number Of Customers Choose To Go Shopping Online. To Find Attractive Products From Online Shopping Marketplaces, The Skyline Query Is A Useful Tool Which Offers More Interesting And Preferable Choices For Customers. The Skyline Query And Its Variants Have Been Extensively Investigated. However, To The Best Of Our Knowledge, They Have Not Taken Into Account The Requirements Of Customers In Certain Practical Application Scenarios. Recently, Online Shopping Marketplaces Usually Hold Some Price Promotion Campaigns To Attract Customers And Increase Their Purchase Intention. Considering The Requirements Of Customers In This Practical Application Scenario, We Are Concerned About Product Selection Under Price Promotion. We Formulate A Constrained Optimal Product Combination (COPC) Problem. It Aims To Find Out The Skyline Product Combinations Which Both Meet A Customer's Willingness To Pay And Bring The Maximum Discount Rate. The COPC Problem Is Significant To Offer Powerful Decision Support For Customers Under Price Promotion, Which Is Certified By A Customer Study. To Process The COPC Problem Effectively, We First Propose A Two List Exact (TLE) Algorithm. The COPC Problem Is Proven To Be NP-hard, And The TLE Algorithm Is Not Scalable Because It Needs To Process An Exponential Number Of Product Combinations. Additionally, We Design A Lower Bound Approximate (LBA) Algorithm That Has A Guarantee About The Accuracy Of The Results And An Incremental Greedy (IG) Algorithm That Has Good Performance. The Experiment Results Demonstrate The Efficiency And Effectiveness Of Our Proposed Algorithms.

SENTIMENTAL ANALYSIS- Age Related Sentimental Analysis For Efficient Review Mining

Natural Language Processing Has Been Continuous Field Of Interest Since 1950s. It Is Concerned With The Interaction Between Computers And Human’s Natural Languages. The History Of Natural Language Processing Started With Alan Turing’s Article Titled “Computer Machinery And Intelligence”. How Natural Language Is Processed By Computers Is Main Concern Of NLP. Speech Recognition, Text Analysis, Text Translation Are Few Areas Where Natural Language Processing Along With Artificial Intelligence Is Employed. NLP Includes Various Evaluation Tasks Such As Stemming, Grammar Induction, Topic Segmentation Etc. This Project Aims At Developing A Program That Is Used For Age Related Sentiment Analysis. Sentiment Analysis Refers To The Use Of Natural Language Processing, Text Analysis, Computational Linguistics, And Biometrics To Systematically Identify, Extract, Quantify, And Study Affective States And Subjective Information. Methods To Approach Sentiment Analysis Are Classified Mainly Into Knowledge Based Approach, Statistical Approach And Hybrid Approach. Provided A Text, Mood Of The Text Will Be Analysed. The Main Constraint That Is Applied Here Is Age. The Text Will Be Analysed Related To The Age. The Opinion Or Mood Behind The Particular Text Varies For Every Age Group Since Their Understanding Levels And Conceptual Knowledge Varies. Word Ambiguity Is Analysed And Based On The Keyword Detection And Context Analysis Ambiguity Is Removed. Age Is Taken Into Consideration While Analysing The Text And Hence For The Same Text In The Same Context Analysis Varies.

GEOGRAPHICAL PROBABILISTIC FACTOR MODEL - A General Geographical Probabilistic Factor Model For Point Of Interest Recommendation

The Problem Of Point Of Interest (POI) Recommendation Is To Provide Personalized Recommendations Of Places, Such As Restaurants And Movie Theaters. The Increasing Prevalence Of Mobile Devices And Of Location Based Social Networks (LBSNs) Poses Significant New Opportunities As Well As Challenges, Which We Address. The Decision Process For A User To Choose A POI Is Complex And Can Be Influenced By Numerous Factors, Such As Personal Preferences, Geographical Considerations, And User Mobility Behaviors. This Is Further Complicated By The Connection LBSNs And Mobile Devices. While There Are Some Studies On POI Recommendations, They Lack An Integrated Analysis Of The Joint Effect Of Multiple Factors. Meanwhile, Although Latent Factor Models Have Been Proved Effective And Are Thus Widely Used For Recommendations, Adopting Them To POI Recommendations Requires Delicate Consideration Of The Unique Characteristics Of LBSNs. To This End, In This Paper, We Propose A General Geographical Probabilistic Factor Model (Geo-PFM) Framework Which Strategically Takes Various Factors Into Consideration. Specifically, This Framework Allows To Capture The Geographical Influences On A User's Check-in Behavior. Also, User Mobility Behaviors Can Be Effectively Leveraged In The Recommendation Model. Moreover, Based Our Geo-PFM Framework, We Further Develop A Poisson Geo-PFM Which Provides A More Rigorous Probabilistic Generative Process For The Entire Model And Is Effective In Modeling The Skewed User Check-in Count Data As Implicit Feedback For Better POI Recommendations. Finally, Extensive Experimental Results On Three Real-world LBSN Datasets (which Differ In Terms Of User Mobility, POI Geographical Distribution, Implicit Response Data Skewness, And User-POI Observation Sparsity), Show That The Proposed Recommendation Methods Outperform State-of-the-art Latent Factor Models By A Significant Margin

SCALABLE GRAPH-BASED RANKING MODEL- EMR A Scalable Graph-based Ranking Model For Content-based Image Retrieval

Graph-based Ranking Models Have Been Widely Applied In Information Retrieval Area. In This Paper, We Focus On A Well Known Graph-based Model - The Ranking On Data Manifold Model, Or Manifold Ranking. Particularly, It Has Been Successfully Applied To Content-based Image Retrieval, Because Of Its Outstanding Ability To Discover Underlying Geometrical Structure Of The Given Image Database. However, Manifold Ranking Is Computationally Very Expensive, Which Significantly Limits Its Applicability To Large Databases Especially For The Cases That The Queries Are Out Of The Database. We Propose A Novel Scalable Graph-based Ranking Model Called Efficient Manifold Ranking (EMR), Trying To Address The Shortcomings Of MR From Two Main Perspectives: Scalable Graph Construction And Efficient Ranking Computation. Specifically, We Build An Anchor Graph On The Database Instead Of A Traditional K-nearest Neighbor Graph, And Design A New Form Of Adjacency Matrix Utilized To Speed Up The Ranking. An Approximate Method Is Adopted For Efficient Out-of-sample Retrieval. Experimental Results On Some Large Scale Image Databases Demonstrate That EMR Is A Promising Method For Real World Retrieval Applications.

ROUTE-SAVER- Leveraging Route APIs For Accurate And Efficient Query Processing At Location Based Services

Location-based Services (LBS) Enable Mobile Users To Query Points-of-interest (e.g., Restaurants, Cafes) On Various Features (e.g., Price, Quality, Variety). In Addition, Users Require Accurate Query Results With Up-to-date Travel Times. Lacking The Monitoring Infrastructure For Road Traffic, The LBS May Obtain Live Travel Times Of Routes From Online Route APIs In Order To Offer Accurate Results. Our Goal Is To Reduce The Number Of Requests Issued By The LBS Significantly While Preserving Accurate Query Results. First, We Propose To Exploit Recent Routes Requested From Route APIs To Answer Queries Accurately. Then, We Design Effective Lower/upper Bounding Techniques And Ordering Techniques To Process Queries Efficiently. Also, We Study Parallel Route Requests To Further Reduce The Query Response Time. Our Experimental Evaluation Shows That Our Solution Is Three Times More Efficient Than A Competitor, And Yet Achieves High Result Accuracy (above 98 Percent).

TWEET SEGMENTATION - Tweet Segmentation And Its Application To Named Entity Recognition

Twitter Has Attracted Millions Of Users To Share And Disseminate Most Up-to-date Information, Resulting In Large Volumes Of Data Produced Everyday. However, Many Applications In Information Retrieval (IR) And Natural Language Processing (NLP) Suffer Severely From The Noisy And Short Nature Of Tweets. In This Paper, We Propose A Novel Framework For Tweet Segmentation In A Batch Mode, Called HybridSeg. By Splitting Tweets Into Meaningful Segments, The Semantic Or Context Information Is Well Preserved And Easily Extracted By The Downstream Applications. HybridSeg Finds The Optimal Segmentation Of A Tweet By Maximizing The Sum Of The Stickiness Scores Of Its Candidate Segments. The Stickiness Score Considers The Probability Of A Segment Being A Phrase In English (i.e., Global Context) And The Probability Of A Segment Being A Phrase Within The Batch Of Tweets (i.e., Local Context). For The Latter, We Propose And Evaluate Two Models To Derive Local Context By Considering The Linguistic Features And Term-dependency In A Batch Of Tweets, Respectively. HybridSeg Is Also Designed To Iteratively Learn From Confident Segments As Pseudo Feedback. Experiments On Two Tweet Data Sets Show That Tweet Segmentation Quality Is Significantly Improved By Learning Both Global And Local Contexts Compared With Using Global Context Alone. Through Analysis And Comparison, We Show That Local Linguistic Features Are More Reliable For Learning Local Context Compared With Term-dependency. As An Application, We Show That High Accuracy Is Achieved In Named Entity Recognition By Applying Segment-based Part-of-speech (POS) Tagging.

PRIVACY AND DATA CONFIDENTIALITY - Fast A Fast Clustering-Based Database With Privacy And Data Confidentiality

In Order To Prevent The Disclosure Of Sensitive Information And Protect Users' Privacy, The Generalization And Suppression Of Technology Is Often Used To Anonymize The Quasi-identifiers Of The Data Before Its Sharing. Data Streams Are Inherently Infinite And Highly Dynamic Which Are Very Different From Static Datasets, So That The Anonymization Of Data Streams Needs To Be Capable Of Solving More Complicated Problems. The Methods For Anonymizing Static Datasets Cannot Be Applied To Data Streams Directly. In This Paper, An Anonymization Approach For Data Streams Is Proposed With The Analysis Of The Published Anonymization Methods For Data Streams. This Approach Scans The Data Only Once To Recognize And Reuse The Clusters That Satisfy The Anonymization Requirements For Speeding Up The Anonymization Process. Experimental Results On The Real Dataset Show That The Proposed Method Can Reduce The Information Loss That Is Caused By Generalization And Suppression And Also Satisfies The Anonymization Requirements And Has Low Time And Space Complexity.

INSTANT MESSAGE USING DATA MINING AND ONTOLOGY- Framework For Survelliance Of Instant Messages In Instant Messengers And Social Networking Sites Using Data Mining And Ontology

Innumerable Terror And Suspicious Messages Are Sent Through Instant Messengers (IM) And Social Networking Sites (SNS) Which Are Untraced, Leading To Hindrance For Network Communications And Cyber Security. We Propose A Framework That Discover And Predict Such Messages That Are Sent Using IM Or SNS Like Facebook, Twitter, LinkedIn, And Others. Further, These Instant Messages Are Put Under Surveillance That Identifies The Type Of Suspected Cyber Threat Activity By Culprit Along With Their Personnel Details. Framework Is Developed Using Ontology Based Information Extraction Technique (OBIE), Association Rule Mining (ARM) A Data Mining Technique With Set Of Pre-defined Knowledge-based Rules (logical), For Decision Making Process That Are Learned From Domain Experts And Past Learning Experiences Of Suspicious Dataset Like GTD (Global Terrorist Database). The Experimental Results Obtained Will Aid To Take Prompt Decision For Eradicating Cyber Crimes.

WEB SERVICES RECOMMENDATION - Diversifying Web Service Recommendation Results Via Exploring Service Usage History

The Last Decade Has Witnessed A Tremendous Growth Of Web Services As A Major Technology For Sharing Data, Computing Resources, And Programs On The Web. With The Increasing Adoption And Presence Of Web Services, Design Of Novel Approaches For Effective Web Service Recommendation To Satisfy Users’ Potential Requirements Has Become Of Paramount Importance. Existing Web Service Recommendation Approaches Mainly Focus On Predicting Missing QoS Values Of Web Service Candidates Which Are Interesting To A User Using Collaborative Filtering Approach, Content-based Approach, Or Their Hybrid. These Recommendation Approaches Assume That Recommended Web Services Are Independent To Each Other, Which Sometimes May Not Be True. As A Result, Many Similar Or Redundant Web Services May Exist In A Recommendation List. In This Paper, We Propose A Novel Web Service Recommendation Approach Incorporating A User's Potential QoS Preferences And Diversity Feature Of User Interests On Web Services. User's Interests And QoS Preferences On Web Services Are First Mined By Exploring The Web Service Usage History. Then We Compute Scores Of Web Service Candidates By Measuring Their Relevance With Historical And Potential User Interests, And Their QoS Utility. We Also Construct A Web Service Graph Based On The Functional Similarity Between Web Services. Finally, We Present An Innovative Diversity-aware Web Service Ranking Algorithm To Rank The Web Service Candidates Based On Their Scores, And Diversity Degrees Derived From The Web Service Graph. Extensive Experiments Are Conducted Based On A Real World Web Service Dataset, Indicating That Our Proposed Web Service Recommendation Approach Significantly Improves The Quality Of The Recommendation Results Compared With Existing Methods.

DATA RETRIEVAL PROCESS- Generating Boolean Matrix For Data Retrieval Process

An Data Retrieval (DR) Or Information Retrieval (IR) Process Begins When A User Enters A Query Into The System. Queries Are Formal Statements Of Information Needs, For Example Search Strings In Web Search Engines. In IR A Query Does Not Uniquely Identify A Single Object In The Collection. Instead, Several Objects May Match The Query, Perhaps With Different Degrees Of Relevancy. An Object Is An Entity Which Keeps Or Stores Information In A Database. User Queries Are Matched To Objects Stored In The Database. Depending On The Application The Data Objects May Be, For Example, Text Documents, Images Or Videos. The Documents Themselves Are Not Kept Or Stored Directly In The IR System, But Are Instead Represented In The System By Document Surrogates. Most IR Systems Compute A Numeric Score On How Well Each Objects In The Database Match The Query, And Rank The Objects According To This Value. The Top Ranking Objects Are Then Shown To The User. The Process May Then Be Iterated If The User Wishes To Refine The Query. In This Paper We Try To Explain IR Methods And Asses Them From Two View Points And Finally Propose A Simple Method For Ranking Terms And Documents On IR And Implement The Method And Check The Result.

UNCERTAIN OBJECT- Query Aware Determinization Of Uncertain Objects

This Paper Considers The Problem Of Determinizing Probabilistic Data To Enable Such Data To Be Stored In Legacy Systems That Accept Only Deterministic Input. Probabilistic Data May Be Generated By Automated Data Analysis/enrichment Techniques Such As Entity Resolution, Information Extraction, And Speech Processing. The Legacy System May Correspond To Pre-existing Web Applications Such As Flickr, Picasa, Etc. The Goal Is To Generate A Deterministic Representation Of Probabilistic Data That Optimizes The Quality Of The End-application Built On Deterministic Data. We Explore Such A Determinization Problem In The Context Of Two Different Data Processing Tasks-triggers And Selection Queries. We Show That Approaches Such As Thresholding Or Top-1 Selection Traditionally Used For Determinization Lead To Suboptimal Performance For Such Applications. Instead, We Develop A Query-aware Strategy And Show Its Advantages Over Existing Solutions Through A Comprehensive Empirical Evaluation Over Real And Synthetic Datasets.

EFFECTIVE AND EFFICIENT CLUSTERING METHOD - Effective And Efficient Clustering Methods For Correlated Probabilistic Graphs

Recently, Probabilistic Graphs Have Attracted Significant Interests Of The Data Mining Community. It Is Observed That Correlations May Exist Among Adjacent Edges In Various Probabilistic Graphs. As One Of The Basic Mining Techniques, Graph Clustering Is Widely Used In Exploratory Data Analysis, Such As Data Compression, Information Retrieval, Image Segmentation, Etc. Graph Clustering Aims To Divide Data Into Clusters According To Their Similarities, And A Number Of Algorithms Have Been Proposed For Clustering Graphs, Such As The PKwikCluster Algorithm, Spectral Clustering, K-path Clustering, Etc. However, Little Research Has Been Performed To Develop Efficient Clustering Algorithms For Probabilistic Graphs. Particularly, It Becomes More Challenging To Efficiently Cluster Probabilistic Graphs When Correlations Are Considered. In This Paper, We Define The Problem Of Clustering Correlated Probabilistic Graphs. To Solve The Challenging Problem, We Propose Two Algorithms, Namely The PEEDR And The CPGS Clustering Algorithm. For Each Of The Proposed Algorithms, We Develop Several Pruning Techniques To Further Improve Their Efficiency. We Evaluate The Effectiveness And Efficiency Of Our Algorithms And Pruning Methods Through Comprehensive Experiments.

DOCUMENT ANNOTATION UISNG CONTENT AND QUERYING VALUE- Facilitating Document Annotation Using Content And Querying Value

A Large Number Of Organizations Today Generate And Share Textual Descriptions Of Their Products, Services, And Actions. Such Collections Of Textual Data Contain Significant Amount Of Structured Information, Which Remains Buried In The Unstructured Text. While Information Extraction Algorithms Facilitate The Extraction Of Structured Relations, They Are Often Expensive And Inaccurate, Especially When Operating On Top Of Text That Does Not Contain Any Instances Of The Targeted Structured Information. We Present A Novel Alternative Approach That Facilitates The Generation Of The Structured Metadata By Identifying Documents That Are Likely To Contain Information Of Interest And This Information Is Going To Be Subsequently Useful For Querying The Database. Our Approach Relies On The Idea That Humans Are More Likely To Add The Necessary Metadata During Creation Time, If Prompted By The Interface; Or That It Is Much Easier For Humans (and/or Algorithms) To Identify The Metadata When Such Information Actually Exists In The Document, Instead Of Naively Prompting Users To Fill In Forms With Information That Is Not Available In The Document. As A Major Contribution Of This Paper, We Present Algorithms That Identify Structured Attributes That Are Likely To Appear Within The Document, By Jointly Utilizing The Content Of The Text And The Query Workload. Our Experimental Evaluation Shows That Our Approach Generates Superior Results Compared To Approaches That Rely Only On The Textual Content Or Only On The Query Workload, To Identify Attributes Of Interest.

PRIVACY PROTECTION - Supporting Privacy Protection In Personalized Web Search

Personalized Web Search (PWS) Has Demonstrated Its Effectiveness In Improving The Quality Of Various Search Services On The Internet. However, Evidences Show That Users' Reluctance To Disclose Their Private Information During Search Has Become A Major Barrier For The Wide Proliferation Of PWS. We Study Privacy Protection In PWS Applications That Model User Preferences As Hierarchical User Profiles. We Propose A PWS Framework Called UPS That Can Adaptively Generalize Profiles By Queries While Respecting User-specified Privacy Requirements. Our Runtime Generalization Aims At Striking A Balance Between Two Predictive Metrics That Evaluate The Utility Of Personalization And The Privacy Risk Of Exposing The Generalized Profile. We Present Two Greedy Algorithms, Namely GreedyDP And GreedyIL, For Runtime Generalization. We Also Provide An Online Prediction Mechanism For Deciding Whether Personalizing A Query Is Beneficial. Extensive Experiments Demonstrate The Effectiveness Of Our Framework. The Experimental Results Also Reveal That GreedyIL Significantly Outperforms GreedyDP In Terms Of Efficiency.

TRUSTEDDB- A Trusted Hardware-Based Database With Privacy And Data Confidentiality

Traditionally, As Soon As Confidentiality Becomes A Concern, Data Are Encrypted Before Outsourcing To A Service Provider. Any Software-based Cryptographic Constructs Then Deployed, For Server-side Query Processing On The Encrypted Data, Inherently Limit Query Expressiveness. Here, We Introduce TrustedDB, An Outsourced Database Prototype That Allows Clients To Execute SQL Queries With Privacy And Under Regulatory Compliance Constraints By Leveraging Server-hosted, Tamper-proof Trusted Hardware In Critical Query Processing Stages, Thereby Removing Any Limitations On The Type Of Supported Queries. Despite The Cost Overhead And Performance Limitations Of Trusted Hardware, We Show That The Costs Per Query Are Orders Of Magnitude Lower Than Any (existing Or) Potential Future Software-only Mechanisms. TrustedDB Is Built And Runs On Actual Hardware, And Its Performance And Costs Are Evaluated Here.

FAST CLUSTERING- A Fast Clustering-Based Feature Subset Selection Algorithm For High-Dimensional Data

Feature Selection Involves Identifying A Subset Of The Most Useful Features That Produces Compatible Results As The Original Entire Set Of Features. A Feature Selection Algorithm May Be Evaluated From Both The Efficiency And Effectiveness Points Of View. While The Efficiency Concerns The Time Required To Find A Subset Of Features, The Effectiveness Is Related To The Quality Of The Subset Of Features. Based On These Criteria, A Fast Clustering-based Feature Selection Algorithm (FAST) Is Proposed And Experimentally Evaluated In This Paper. The FAST Algorithm Works In Two Steps. In The First Step, Features Are Divided Into Clusters By Using Graph-theoretic Clustering Methods. In The Second Step, The Most Representative Feature That Is Strongly Related To Target Classes Is Selected From Each Cluster To Form A Subset Of Features. Features In Different Clusters Are Relatively Independent, The Clustering-based Strategy Of FAST Has A High Probability Of Producing A Subset Of Useful And Independent Features. To Ensure The Efficiency Of FAST, We Adopt The Efficient Minimum-spanning Tree (MST) Clustering Method. The Efficiency And Effectiveness Of The FAST Algorithm Are Evaluated Through An Empirical Study. Extensive Experiments Are Carried Out To Compare FAST And Several Representative Feature Selection Algorithms, Namely, FCBF, ReliefF, CFS, Consist, And FOCUS-SF, With Respect To Four Types Of Well-known Classifiers, Namely, The Probability-based Naive Bayes, The Tree-based C4.5, The Instance-based IB1, And The Rule-based RIPPER Before And After Feature Selection. The Results, On 35 Publicly Available Real-world High-dimensional Image, Microarray, And Text Data, Demonstrate That The FAST Not Only Produces Smaller Subsets Of Features But Also Improves The Performances Of The Four Types Of Classifiers.

DISTRIBUTED PROCESSING - Distributed Processing Of Probabilistic Top-k Queries In Wireless Sensor Networks

In This Paper, We Introduce The Notion Of Sufficient Set And Necessary Set For Distributed Processing Of Probabilistic Top-k Queries In Cluster-based Wireless Sensor Networks. These Two Concepts Have Very Nice Properties That Can Facilitate Localized Data Pruning In Clusters. Accordingly, We Develop A Suite Of Algorithms, Namely, Sufficient Set-based (SSB), Necessary Set-based (NSB), And Boundary-based (BB), For Intercluster Query Processing With Bounded Rounds Of Communications. Moreover, In Responding To Dynamic Changes Of Data Distribution In The Network, We Develop An Adaptive Algorithm That Dynamically Switches Among The Three Proposed Algorithms To Minimize The Transmission Cost. We Show The Applicability Of Sufficient Set And Necessary Set To Wireless Sensor Networks With Both Two-tier Hierarchical And Tree-structured Network Topologies. Experimental Results Show That The Proposed Algorithms Reduce Data Transmissions Significantly And Incur Only Small Constant Rounds Of Data Communications. The Experimental Results Also Demonstrate The Superiority Of The Adaptive Algorithm, Which Achieves A Near-optimal Performance Under Various Conditions.

XML RETRIEVAL - Using Personalization To Improve XML Retrieval

As The Amount Of Information Increases Every Day And The Users Normally Formulate Short And Ambiguous Queries, Personalized Search Techniques Are Becoming Almost A Must. Using The Information About The User Stored In A User Profile, These Techniques Retrieve Results That Are Closer To The User Preferences. On The Other Hand, The Information Is Being Stored More And More In An Semi-structured Way, And XML Has Emerged As A Standard For Representing And Exchanging This Type Of Data. XML Search Allows A Higher Retrieval Effectiveness, Due To Its Ability To Retrieve And To Show The User Specific Parts Of The Documents Instead Of The Full Document. In This Paper We Propose Several Personalization Techniques In The Context Of XML Retrieval. We Try To Combine The Different Approaches Where Personalization May Be Applied: Query Reformulation, Re-ranking Of Results And Retrieval Model Modification. The Experimental Results Obtained From A User Study Using A Parliamentary Document Collection Support The Validity Of Our Approach.

ASSOCIATION RULE AND THE APRIORI ALGORTHIM- A Data Mining Project -Discovering Association Rules Using The Apriori Algorithm

Data Mining Has A Lot Of E-Commerce Applications. The Key Problem Is How To Find Useful Hidden Patterns For Better Business Applications In The Retail Sector. For The Solution Of These Problems, The Apriori Algorithm Is One Of The Most Popular Data Mining Approaches For Finding Frequent Item Sets From A Transaction Dataset And Derives Association Rules. Rules Are The Discovered Knowledge From The Data Base. Finding Frequent Item Set (item Sets With Frequency Larger Than Or Equal To A User Specified Minimum Support) Is Not Trivial Because Of Its Combinatorial Explosion. Once Frequent Item Sets Are Obtained, It Is Straightforward To Generate Association Rules With Confidence Larger Than Or Equal To A User Specified Minimum Confidence. The Paper Illustrating Apriori Algorithm On Simulated Database And Finds The Association Rules On Different Confidence Value.

TEXT CLASSIFICATION AND CLUSTERING- Similarity Measure For Text Classification And Clustering

Measuring The Similarity Between Documents Is An Important Operation In The Text Processing Field. In This Paper, A New Similarity Measure Is Proposed. To Compute The Similarity Between Two Documents With Respect To A Feature, The Proposed Measure Takes The Following Three Cases Into Account: A) The Feature Appears In Both Documents, B) The Feature Appears In Only One Document, And C) The Feature Appears In None Of The Documents. For The First Case, The Similarity Increases As The Difference Between The Two Involved Feature Values Decreases. Furthermore, The Contribution Of The Difference Is Normally Scaled. For The Second Case, A Fixed Value Is Contributed To The Similarity. For The Last Case, The Feature Has No Contribution To The Similarity. The Proposed Measure Is Extended To Gauge The Similarity Between Two Sets Of Documents. The Effectiveness Of Our Measure Is Evaluated On Several Real-world Data Sets For Text Classification And Clustering Problems. The Results Show That The Performance Obtained By The Proposed Measure Is Better Than That Achieved By Other Measures.

ASSOCIATION RULE MINING - An Efficient Multi-Party Communication Scheme With Association Rule Mining

A Protocol For Secure Mining Of Association Rules In Horizontally Distributed Databases. Our Protocol, Like Theirs, Is Based On The Fast Distributed Mining (FDM) Algorithm Which Is An Unsecured Distributed Version Of The Apriori Algorithm. The Main Ingredients In Our Protocol Are Two Novel Secure Multi-party Algorithms One That Computes The Union Of Private Subsets That Each Of The Interacting Players Hold, And Another That Tests The Inclusion Of An Element Held By One Player In A Subset Held By Another. Our Protocol Offers Enhanced Privacy With Respect To The Protocol. In Addition, It Is Simpler And Is Significantly More Efficient In Terms Of Communication Rounds, Communication Cost And Computational Cost.

DUPLICATE DETECTION- Progressive Duplicate Detection

Duplicate Detection Is The Process Of Identifying Multiple Representations Of Same Real World Entities. Today, Duplicate Detection Methods Need To Process Ever Larger Datasets In Ever Shorter Time: Maintaining The Quality Of A Dataset Becomes Increasingly Difficult. We Present Two Novel, Progressive Duplicate Detection Algorithms That Significantly Increase The Efficiency Of Finding Duplicates If The Execution Time Is Limited: They Maximize The Gain Of The Overall Process Within The Time Available By Reporting Most Results Much Earlier Than Traditional Approaches. Comprehensive Experiments Show That Our Progressive Algorithms Can Double The Efficiency Over Time Of Traditional Duplicate Detection And Significantly Improve Upon Related Work.

RRW- A Robust And Reversible Watermarking Technique For Relational Data

Advancement In Information Technology Is Playing An Increasing Role In The Use Of Information Systems Comprising Relational Databases. These Databases Are Used Effectively In Collaborative Environments For Information Extraction; Consequently, They Are Vulnerable To Security Threats Concerning Ownership Rights And Data Tampering. Watermarking Is Advocated To Enforce Ownership Rights Over Shared Relational Data And For Providing A Means For Tackling Data Tampering. When Ownership Rights Are Enforced Using Watermarking, The Underlying Data Undergoes Certain Modifications; As A Result Of Which, The Data Quality Gets Compromised. Reversible Watermarking Is Employed To Ensure Data Quality Along-with Data Recovery. However, Such Techniques Are Usually Not Robust Against Malicious Attacks And Do Not Provide Any Mechanism To Selectively Watermark A Particular Attribute By Taking Into Account Its Role In Knowledge Discovery. Therefore, Reversible Watermarking Is Required That Ensures; (i) Watermark Encoding And Decoding By Accounting For The Role Of All The Features In Knowledge Discovery; And, (ii) Original Data Recovery In The Presence Of Active Malicious Attacks. In This Paper, A Robust And Semi-blind Reversible Watermarking (RRW) Technique For Numerical Relational Data Has Been Proposed That Addresses The Above Objectives. Experimental Studies Prove The Effectiveness Of RRW Against Malicious Attacks And Show That The Proposed Technique Outperforms Existing Ones.

PRIVACY PRESERVING SOCIAL MEDIA DATA PUBLISHING- Privacy Preserving Social Media Data Publishing For Personalized Rank Based Recommendation

Personalized Recommendation Is Crucial To Help Users Find Pertinent Information. It Often Relies On A Large Collection Of User Data, In Particular Users' Online Activity (e.g., Tagging/rating/checking-in) On Social Media, To Mine User Preference. However, Releasing Such User Activity Data Makes Users Vulnerable To Inference Attacks, As Private Data (e.g., Gender) Can Often Be Inferred From The Users' Activity Data. In This Paper, We Proposed PrivRank, A Customizable And Continuous Privacy-preserving Social Media Data Publishing Framework Protecting Users Against Inference Attacks While Enabling Personalized Ranking-based Recommendations. Its Key Idea Is To Continuously Obfuscate User Activity Data Such That The Privacy Leakage Of User-specified Private Data Is Minimized Under A Given Data Distortion Budget, Which Bounds The Ranking Loss Incurred From The Data Obfuscation Process In Order To Preserve The Utility Of The Data For Enabling Recommendations. An Empirical Evaluation On Both Synthetic And Real-world Datasets Shows That Our Framework Can Efficiently Provide Effective And Continuous Protection Of User-specified Private Data, While Still Preserving The Utility Of The Obfuscated Data For Personalized Ranking-based Recommendation. Compared To State-of-the-art Approaches, PrivRank Achieves Both A Better Privacy Protection And A Higher Utility In All The Ranking-based Recommendation Use Cases We Tested

ACTIVE LEARNING FOR RANKING - Active Learning For Ranking Through Expected Loss Optimization

Learning To Rank Arises In Many Data Mining Applications, Ranging From Web Search Engine, Online Advertising To Recommendation System. In Learning To Rank, The Performance Of A Ranking Model Is Strongly Affected By The Number Of Labeled Examples In The Training Set; On The Other Hand, Obtaining Labeled Examples For Training Data Is Very Expensive And Time-consuming. This Presents A Great Need For The Active Learning Approaches To Select Most Informative Examples For Ranking Learning; However, In The Literature There Is Still Very Limited Work To Address Active Learning For Ranking. In This Paper, We Propose A General Active Learning Framework, Expected Loss Optimization (ELO), For Ranking. The ELO Framework Is Applicable To A Wide Range Of Ranking Functions. Under This Framework, We Derive A Novel Algorithm, Expected Discounted Cumulative Gain (DCG) Loss Optimization (ELO-DCG), To Select Most Informative Examples. Then, We Investigate Both Query And Document Level Active Learning For Raking And Propose A Two-stage ELO-DCG Algorithm Which Incorporate Both Query And Document Selection Into Active Learning. Furthermore, We Show That It Is Flexible For The Algorithm To Deal With The Skewed Grade Distribution Problem With The Modification Of The Loss Function. Extensive Experiments On Real-world Web Search Data Sets Have Demonstrated Great Potential And Effectiveness Of The Proposed Framework And Algorithms.

REPRESENTATIVE PATTERN SETS- A Flexible Approach To Finding Representative Pattern Sets

Frequent Pattern Mining Often Produces An Enormous Number Of Frequent Patterns, Which Imposes A Great Challenge On Visualizing, Understanding And Further Analysis Of The Generated Patterns. This Calls For Finding A Small Number Of Representative Patterns To Best Approximate All Other Patterns. In This Paper, We Develop An Algorithm Called MinRPset To Find A Minimum Representative Pattern Set With Error Guarantee. MinRPset Produces The Smallest Solution That We Can Possibly Have In Practice Under The Given Problem Setting, And It Takes A Reasonable Amount Of Time To Finish When The Number Of Frequent Closed Patterns Is Below One Million. MinRPset Is Very Space-consuming And Time-consuming On Some Dense Datasets When The Number Of Frequent Closed Patterns Is Large. To Solve This Problem, We Propose Another Algorithm Called FlexRPset, Which Provides One Extra Parameter K To Allow Users To Make A Trade-off Between Result Size And Efficiency. We Adopt An Incremental Approach To Let The Users Make The Trade-off Conveniently. Our Experiment Results Show That MinRPset And FlexRPset Produce Fewer Representative Patterns Than RPlocal-an Efficient Algorithm That Is Developed For Solving The Same Problem.

IMAGE COMPRESSION ALGORITHM USING BINARY SPACE PARTITION SCHEME- Hierarchical Representation Of Plain Areas Of Post-Interpolation Residuals For Image Compression

We Propose An Algorithm For Encoding Quantized Post-interpolation Residuals Within The Framework Of Hierarchical Image Compression. This Coding Algorithm Is Based On A Hierarchical Representation Of The Plain Areas Of Quantized Post-interpolation Residuals To Improve The Coding Efficiency Of These Areas. The Proposed Algorithm Reorders The Post-interpolation Residuals To Increase The Size Of The Plain Areas. We Embed The Proposed Coding Algorithm For Post-interpolation Residuals Into A Hierarchical Image Compression Method. This Method Is Based On Interpolation The Image Scale Levels Using More Resampled Scale Levels Of The Same Image. The Errors Of This Interpolation (post-interpolation Residuals) Are Then Quantized And Encoded. We Use The Proposed Algorithm To Encode The Quantized Post-interpolation Residuals Of The Hierarchical Compression Method. We Perform Computational Experiments To Study The Effectiveness Of The Proposed Algorithm For A Set Of Natural Images. We Experimentally Confirm That The Use Of The Proposed Coding Algorithm For Post-interpolation Residuals Makes It Possible To Increase The Efficiency Of The Hierarchical Method Of Image Compression.

EFFICIENT JOINT ENCRYPTION AND DATA HIDING- A Security Technique For Authentication And Security Of Medical Images In Health Information Systems

In This Paper An Efficient Crypto-watermarking Algorithm Is Proposed To Secure Medical Images Transmitted In Tele-medicine Applications. The Proposed Algorithm Uses Standard Encryption Methods And Reversible Watermarking Techniques To Provide Security To The Transmitted Medical Images As Well As To Control Access Privileges At The Receiver Side. The Algorithm Jointly Embeds Two Watermarks In Two Domains Using Encryption And Reversible Watermarking To Avoid Any Interference Between The Watermarks. The Authenticity And Integrity Of Medical Images Can Be Verified In The Spatial Domain, The Encrypted Domain, Or In Both Domains. The Performance Of The Proposed Algorithm Is Evaluated Using Test Medical Images Of Different Modalities. The Algorithm Preforms Well In Terms Of Visual Quality Of The Watermarked Images And In Terms Of The Available Embedding Capacity.

EFFICIENT JOINT ENCRYPTION AND DATA HIDING- A Security Technique For Authentication And Security Of Medical Images In Health Information Systems

Medical Images Stored In Health Information Systems, Cloud Or Other Systems Are Of Key Importance. Privacy And Security Needs To Be Guaranteed For Such Images Through Encryption And Authentication Processes. Encrypted And Watermarked Images In This Domain Needed To Be Reversible So That The Plain Image Operated On In The Encryption And Watermarking Process Can Be Fully Recoverable Due To The Sensitivity Of The Data Conveyed In Medical Images. In This Paper, We Proposed A Fully Recoverable Encrypted And Watermarked Image Processing Technique For The Security Of Medical Images In Health Information Systems. The Approach Is Used To Authenticate And Secure The Medical Images. Our Results Showed To Be Very Effective And Reliable For Fully Recoverable Images.

REAL-TIME AUTOMATIC LICENSE PLATE RECOGNITION SYSTEM- Real-time Automatic License Plate Recognition System Using YOLOv4

We Introduce A Real-time Automatic License Plate Recognition System That Is Computationally Lighter By Eliminating The ROI Setting Step, Without Deteriorating Recognition Performance. Conventional License Plate Recognition Systems Exhibit Two Main Problems. First, Clear License Plate Visibility Is Required. Second, Processing Actual Field Data Is Computationally Intensive And The ROI Needs To Be Set. To Overcome These Problems, We Performed Plate Localization Directly On The Entire Image, And Conducted Research Taking Low Quality License Plate Detection Into Account. We Aim To Recognize The License Plates Of Cars Moving At High Speeds On The Road As Well As Stationary Cars Using The NVIDIA Jetson TX2 Module, Which Is An Embedded Computing Device.

- Reversible Data Hiding In Encrypted Images Based On Reversible Integer Transformation And Quadtree-Based Partition

This Paper Presents An Improved Secure Reversible Data Hiding Scheme In Encrypted Images Based On Integer Transformation, Which Does Not Need Using A Data Hider Key To Protect The Embedded Secret Data. We First Segment The Original Image Into Blocks Of Various Sizes Based On The Quadtree-based Image Partition. For Each Block, We Reserve M Least Significant Bits (LSBs) Of Each Pixel As Embedding Room Based On The Reversible Integer Transformation. In Order To Improve The Security Of The Image Encryption, We Pad The MLSBs Of Each Pixel Using The Corresponding (8-m) Most Significant Bits (MSBs) Information After The Transformation, Which Protects The Security Of The Encryption Key. Then, We Encrypt The Transformed Image With A Standard Stream Cipher. After The Image Encryption, The Data Hider Embeds The Secret Data In The MLSBs Of The Encrypted Images Through An Exclusive Or Operation. On The Receiving Side, The Receiver Can Extract The Secret Data After The Image Decryption And Recover The Original Image Without Loss Of Quality. The Security Analysis Shows That The Proposed Scheme Improves The Security Weakness Of The Scheme Directly Using Adaptive Integer Transformation. The Experimental Results Show That The Proposed Method Achieves A Higher Embedding Ratio Compared With Several Relevant Methods.

IMAGE RESTORATION USING SPACE-VARIANT GAUSSIAN SCALE - Exaggerated Learning For Clean-And-Sharp Image Restoration

Deep Learning Has Become A Methodology Of Choice For Image Restoration Tasks, Including Denoising, Super-resolution, Deblurring, Exposure Correction, Etc., Because Of Its Superiority To Traditional Methods In Reconstruction Quality. However, The Published Deep Learning Methods Still Have Not Solve The Old Dilemma Between Low Noise Level And Detail Sharpness. We Propose A New CNN Design Strategy, Called Exaggerated Deep Learning, To Reconcile Two Mutually Conflicting Objectives: Noise Free And Detail Sharpness. The Idea Is To Deliberately Overshoot For The Desired Attributes In The CNN Optimization Objective Function; The Cleanness Or Sharpness Is Overemphasized According To Different Semantic Contexts. The Exaggerated Learning Approach Is Experimented On The Restoration Tasks Of Super-resolution And Low Light Correction. Its Effectiveness And Advantages Have Been Empirically Affirmed.


Due To Individual Unreliable Commodity Components, Failures Are Common In Large-scale Distributed Storage Systems. Erasure Codes Are Widely Deployed In Practical Storage Systems To Provide Fault Tolerance With Low Storage Overhead

PROBABILISTIC MISBEHAVIOR DETECTION SCHEME- A Privacy-Preserving Misbehavior Detection System In Vehicular Communication Networks

5 G Based Vehicular Communication Networks Support Various Traffic Safety And Infotainment Use Cases And Rely On The Periodic Exchange Of Information. However, These Messages Are Susceptible To Several Attacks Which Can Be Detected Using Misbehavior Detection Systems (MDS). MDS Utilizes Trust Score, Feedback Score And Other Evaluation Schemes To Identify Abnormal Behavior Of The Vehicles. However, The Trust And Feedback Scores Used In MDS May Violate The Location, Trajectory, Or Identity Privacy Of The Vehicle. In This Paper, We Propose A Privacy-preserving Misbehavior Detection System That Can Detect Or Identify Misbehavior Without Violating The Privacy Of The Vehicle. In The Proposed Method, Encrypted Weighted Feedbacks Sent From Vehicles Are Combined Using Additive Homomorphic Properties Without Violating The Privacy Of The Information. The Decryption Of The Aggregate Feedback Is Done Securely At The Trusted Authority Which Updates The Reputation Score Of The Vehicle According To The Decrypted Aggregate Feedback Score. We Have Also Performed Comprehensive Security Analysis And Have Shown The Correctness And Resilience Of The Proposed Schemes Against Various Attacks. In Addition, We Have Done Extensive Performance Analysis And Have Shown That The Computation Cost Of The Proposed Scheme Is Better Compared To The Existing Schemes.


In This Article, We Investigate The Stability Analysis And Controller Synthesis Problems For A Class Of Stochastic Networked Control Systems Under Aperiodic Denial-of-service Jamming Attacks.

FAST DETECTION OF MOBILE REPLICA NODE ATTACK - Detect The Replica Node In Mobile Wireless Sensor Networks

Security Is The Main Issue In WSN Applications. One Of The Important Attacks In WSN Is Node Replication Attacks. The Adversary Can Capture The Genuine Nodes. After Capturing The Node, The Attacker Collects All The Information Like Keys And Identity. In The Existing Method, The Replica Node Is Detected By The Parameter's Mobility Speed, Node Id And Energy. The Parameters Used In The Existing System Is Not Able To Detect The Exact Replica Node. Speedily Detecting A Replicated Node Will Avoid The Misbehavior Activities Such As Collecting All The Credentials, Etc. The Proposed Approach (FEC) Will Overcome The Issues Of Existing System. It Detects The Replica Node With Speed Of The Sensor Node. The Detection Accuracy Is High.


With The Advent Of 5G, Technologies Such As Software-Defined Networks (SDNs) And Network Function Virtualization (NFV) Have Been Developed To Facilitate Simple Programmable Control Of Wireless Sensor Networks (WSNs).

DECENTRALIZED QOS - AWARE CHECKPOINTING- Scalable And QoS-aware Resource Allocation To Heterogeneous Traffic Flows

Networks Of New Generations Are Increasingly Involved In Transporting Heterogeneous Flows. Indeed, In Addition To The Usual Data And Multimedia Traffic, The Internet Of Things (IoT) Smart Applications Are Creating New Traffic Types And Relationships Involving Billions Of Active Nodes Like Sensors And Actuators. This Traffic Raises A Problem Of Scale, Particularly For Resource Management And Decision-making Mechanisms. The Present Work Addresses For The First Time The Joint Problem Of Mapping Heterogeneous Flows From Multiple Users And Applications To Transport Blocks, And Then Packing These Blocks Into The Rectangular Grid Of Time–frequency Resources Within A Flexible 5G New Radio Frame. Our Solution Is Based On A Quality-of-service-based Classification Of Flows Followed By An Offline Construction Of Two Databases. The First One Enumerates All Possible Configurations Of Transport Blocks And The Second Enumerates All Possible Configurations Of Frames. Thus, The Sole Online Processing That Remains To Be Done Is To Find The Optimal Block Configurations That Satisfy A Given Request Vector. Hence, The Resolution Of This Complex Joint Mapping And Packing Problem Is Reduced To A Simple Resolution Of A Linear Problem, Which Consists In Finding The Best Configurations. A Thorough Numerical Study Shows That Our Configuration-based Solution Can Map, Within Few Tens Of Milliseconds, More Than 100 Flow Connections To Transport Blocks Incurring Only 3% Of Overallocation, And Then Pack These Blocks Into The Grid Leading To An Upper Bound On The Optimality Gap As Low As 2.8%.


As An Industrial Application Of Internet Of Things (IoT), Internet Of Vehicles Is One Of The Most Crucial Techniques For Intelligent Transportation System, Which Is A Basic Element Of Smart Cities.


DNS, One Of The Most Critical Elements Of The Internet, Is Among These Protocols. It Is Vulnerable To DDoS Attacks Mainly Because All Exchanges In This Protocol Use User Datagram Protocol (UDP).


The Complexity And Dynamic Of The Manufacturing Environment Are Growing Due To The Changes Of Manufacturing Demand From Mass Production To Mass Customization That Require Variable Product Types, Small Lot Sizes, And A Short Lead-time To Market. Currently, The Automatic Manufacturing Systems Are Suitable For Mass Production

Adaptive Diffusion Of Sensitive Information In Online Social Networks

The Cascading Of Sensitive Information Such As Private Contents And Rumors Is A Severe Issue In Online Social Networks.

OPTIMAL MULTIPATH ROUTING - Network-Aware Multipathing In Software-Defined Data Center Networks

Data Center Networks Employ Parallel Paths To Perform Load Balancing. Existing Traffic Splitting Schemes Propose Weighted Traffic Distribution Across Multiple Paths Via A Centralized View. An SDN Controller Computes The Traffic Splitting Ratio Of A Flow Group Among All The Paths, And Implements The Ratio By Creating Multiple Rules In The Flow Table Of OpenFlow Switches. However, Since The Number Of Rules In TCAM-based Flow Table Is Limited, It Is Not Scalable To Implement The Ideal Splitting Ratio For Every Flow Group. Existing Solutions, WCMP And Niagara, Aim At Reducing The Maximum Oversubscription Of All Egress Ports And Reducing Traffic Imbalance, Respectively. However, The Transmission Time Of Flow Groups, Which Measures The Quality Of Cloud Services, Is Sub-optimal In Existing Solutions That Ignore Heterogeneous Network Bandwidth. We Propose And Implement NAMP, A Multipathing Scheme Considering The Network Heterogeneity, To Efficiently Optimize The Transmission Time Of Flow Groups. Experimental Results Show That NAMP Reduces The Transmission Time By Up To 45.4% Than Niagara, Up To 50% Than WCMP, And Up To 60% Than ECMP.

WIRELESS COMMUNICATIONS SYSTEMS SUPPORTING MULTIMEDIA SERVICES - On SDN-driven Network Optimization And QoS Aware Routing Using Multiple Paths

Software Defined Networking (SDN) Is A Driving Technology For Enabling The 5th Generation Of Mobile Communication (5G) Systems Offering Enhanced Network Management Features And Softwarization. This Paper Concentrates On Reducing The Operating Expenditure (OPEX) Costs While I) Increasing The Quality Of Service (QoS) By Leveraging The Benefits Of Queuing And Multi-path Forwarding In OpenFlow, Ii) Allowing An Operator With An SDN-enabled Network To Efficiently Allocate The Network Resources Considering Mobility, And Iii) Reducing Or Even Eliminating The Need For Over-provisioning. For Achieving These Objectives, A QoS Aware Network Configuration And Multipath Forwarding Approach Is Introduced That Efficiently Manages The Operation Of SDN Enabled Open Virtual Switches (OVSs). This Paper Proposes And Evaluates Three Solutions That Exploit The Strength Of QoS Aware Routing Using Multiple Paths. While The Two First Solutions Provide Optimal And Approximate Optimal Configurations, Respectively, Using Linear Integer Programming Optimization, The Third One Is A Heuristic That Uses Dijkstra Short-path Algorithm. The Obtained Results Demonstrate The Performance Of The Proposed Solutions In Terms Of OPEX And Execution Time.

PRIVACY-PRESERVING LOCATION PROOFS FOR MOBILE USERS - A Decentralized Location Privacy-Preserving Spatial Crowdsourcing For Internet Of Vehicles

With The Rapid Development Of Internet Of Vehicles (IoV), Vehicle-based Spatial Crowdsourcing (SC) Applications Have Been Proposed And Widely Applied To Various Fields. However, Location Privacy Leakage Is A Serious Issue In Spatial Crowdsourcing Because Workers Who Participate In A Crowdsourcing Task Are Required To Upload Their Driving Locations. In This Paper, We Propose A Decentralized Location Privacy-preserving SC For IoV, Which Allows Vehicle Users To Securely Participate In SC With Ensuring The Task's Location Policy Privacy And Providing Multi-level Privacy Preservation For Workers' Locations. Specifically, We Introduce Blockchain Technology Into SC, Which Can Eliminate The Control Of Vehicle User Data By SC-server. We Combine The Additively Homomorphic Encryption And Circle-based Location Verification To Ensure The Confidentiality Of Task's Location Policy. To Achieve Multi-level Privacy Preservation For Workers' Driving Locations, We Only Reveal A Grid Where Workers Are Located In. The Size Of The Grid Represents The Level Of Privacy Preservation. We Leverage The Order-preserving Encryption And Non-interactive Zero-knowledge Proof To Prevent Workers From Illegally Obtaining Rewards By Forging Their Driving Locations. The Security Analysis Results Show That Our Framework Can Satisfy The Above Requirements. In Addition, The Experiment Results Demonstrate That Our Framework Is Efficient And Feasible In Practice.

DDOS ATTACK - Ddos Attack Using Kpg-Mt Technique

The Transformation Of Traditional Energy Networks To Smart Grids Can Assist In Revolutionizing The Energy Industry In Terms Of Reliability, Performance And Manageability. However, Increased Connectivity Of Power Grid Assets For Bidirectional Communications Presents Severe Security Vulnerabilities. In This Letter, We Investigate Chi-square Detector And Cosine Similarity Matching Approaches For Attack Detection In Smart Grids Where Kalman Filter Estimation Is Used To Measure Any Deviation From Actual Measurements. The Cosine Similarity Matching Approach Is Found To Be Robust For Detecting False Data Injection Attacks As Well As Other Attacks In The Smart Grids. Once The Attack Is Detected, System Can Take Preventive Action And Alarm The Manager To Take Preventative Action To Limit The Risk. Numerical Results Obtained From Simulations Corroborate Our Theoretical Analysis.

SECRET KEY EXTRACTION IN REAL ENVIRONMENTS- Performance Improvement Based On Modified Lossless Quantization MLQ For Secret Key Generation Extracted From Received Signal Strength

In Symmetric Cryptography Systems Have Problems In The Distribution Of Secret Keys. The Two Users Who Will Communicate Require Sharing Keys Through The Public Channel. The Proposed Solution To Overcome These Problems Is To Utilize Information From The Physical Layer (e.g. RSS). Received Signal Strength (RSS) Is An Indicator For Measuring The Power Received By Wireless Devices. The Advantage Of Secret Key Extraction Using Physical Layer Information From A Wireless Channel Is That It Allows Both Devices Within The Transmission Range To Extract The Secret Key Together. In This Paper, We Propose A Secret Key Generation Scheme Adopted From An Existing Scheme With Modifications To Improve Performance. Our Proposed System Is Applied To Static And Dynamic Conditions To Test Performance. The Proposed Algorithm Is Able To Obtain A Reduction In KDR (Key Disagreement Rate) Up To 48.42% And An Increase In The KGR (Key Generation Rate) Up To 23.35% When Compared To The Existing Scheme. Our Proposed System Also Successfully Passed The Randomness Using The NIST Test With The Approximate Value Of Entropy Generated 0.80 In Static Conditions And 0.81 In Dynamic Conditions.

DATA-CENTRIC SENSOR NETWORKS PDCS - Data-Centric Node Selection For Machine-Type Communications With Lossy Links

The Demand For Efficient Data Dissemination/access Techniques To Find The Relevant Data From Within A Sensor Network Has Led To The Development Of Data-centric Sensor Networks (DCS), Where The Sensor Data As Contrast To Sensor Nodes Are Named Based On Attributes Such As Event Type Or Geographic Location. However, Saving Data Inside A Network Also Creates Security Problems Due To The Lack Of Tamper-resistance Of The Sensor Nodes And The Unattended Nature Of The Sensor Network. For Example, An Attacker May Simply Locate And Compromise The Node Storing The Event Of His Interest. To Address These Security Problems, We Present PDCS, A Privacy-enhanced DCS Network Which Offers Different Levels Of Data Privacy Based On Different Cryptographic Keys. In Addition, We Propose Several Query Optimization Techniques Based On Euclidean Steiner Tree And Keyed Bloom Filter To Minimize The Query Overhead While Providing Certain Query Privacy. Finally, Detailed Analysis And Simulations Show That The Keyed Bloom Filter Scheme Can Significantly Reduce The Message Overhead With The Same Level Of Query Delay And Maintain A Very High Level Of Query Privacy.

NEGATIVE PASSWORD- Authenticate Encrypted Negative Password

Secure Password Storage Is A Vital Aspect In Systems Based On Password Authentication, Which Is Still The Most Widely Used Authentication Technique, Despite Some Security Flaws. In This Paper, We Propose A Password Authentication Framework That Is Designed For Secure Password Storage And Could Be Easily Integrated Into Existing Authentication Systems. In Our Framework, First, The Received Plain Password From A Client Is Hashed Through A Cryptographic Hash Function (e.g., SHA-256). Then, The Hashed Password Is Converted Into A Negative Password. Finally, The Negative Password Is Encrypted Into An Encrypted Negative Password (ENP) Using A Symmetric-key Algorithm (e.g., AES), And Multi-iteration Encryption Could Be Employed To Further Improve Security. The Cryptographic Hash Function And Symmetric Encryption Make It Difficult To Crack Passwords From ENPs. Moreover, There Are Lots Of Corresponding ENPs For A Given Plain Password, Which Makes Precomputation Attacks (e.g., Lookup Table Attack And Rainbow Table Attack) Infeasible. The Algorithm Complexity Analyses And Comparisons Show That The ENP Could Resist Lookup Table Attack And Provide Stronger Password Protection Under Dictionary Attack. It Is Worth Mentioning That The ENP Does Not Introduce Extra Elements (e.g., Salt); Besides This, The ENP Could Still Resist Precomputation Attacks. Most Importantly, The ENP Is The First Password Protection Scheme That Combines The Cryptographic Hash Function, The Negative Password, And The Symmetric-key Algorithm, Without The Need For Additional Information Except The Plain Password.

MULTI-APPLICATION SHARING WIRELESS SENSOR NETWORKS - An Efficient Many-to-Many Wireless Big Data Delivery Scheme

Wireless Big Data Raises The Demands On The Networking Schemes To Support The Efficient Group Data Sharing Over Heterogeneous Wireless Technologies, Which Take Many-to-many Data Delivery As The Foundation. Information-centric Networking (ICN) Approach Is A Promising Networking Technology To Support Big Data Delivery, Which Has The Potential To Establish The Harmony Between Networking And Wireless Big Data Sharing. However, The Existing ICN Schemes Have Not Carefully Addressed The Many-to-many Communications. To Address This Issue, We Propose An Efficient And Secure Many-to-many Wireless Big Data Delivery Scheme (MWBS) To Provide Group-based Data Dissemination And Retrieval With Name-integrated Forwarding. In MWBS, A Bi-directional Tree Is Securely Constructed For Each Group Through The Procedures Of Group Initiation, Join, Leave, Publication, And Multi-level Inter-zone Routing. Especially, Designated Forwarding And Cacheable Nodes (DFCNs) Are Introduced To Act As The Roots For The Construction Of Such Bi-directional Trees. The Implementation Details Of MWBS Are Provided For Function Verifications. To Effectively Deploy MWBS, We Investigate The Impacts To The MWBS Performance From The Number And Locations Of DFCNs, Which Show That The Optimized Number Of DFCNs Can Reduce The Total Traffic Cost And The DFCN Close To Users Is Preferred To Be Selected For A Group. Finally, Simulations Are Performed To Evaluate The Performance Of MWBS, Which Show That MWBS Can Reduce The Control Packet Overhead And The State Storage Overhead Compared To The Existing ICN Schemes.

TRUST MANAGEMENT USING UNCERTAIN REASONING- A Novel Trust Management Mechanism For Mobile Ad Hoc Networks Based On Grey Theory

Trust Management Mechanism Is A Hot Spot In The Research Of Mobile Ad Hoc Network Security. In View Of The Many Problems Of Trust Management Mechanism In Mobile Hoc Ad Networks, Combining With The Characteristics Of Mobile Ad Hoc Network, We Present A Mobile Ad Hoc Network Trust Management Mechanism Based On Grey Theory In This Paper And Apply It To The Mobile Ad Hoc Network Management In Order To Improve The Availability And Effectiveness Of Trust Management Mechanism And Safeguard The Security Of Mobile Ad Hoc Networks.

GROUP KEY AUTHENTICATION - An Authenticated Group Key Transfer Protocol Based On Secret Sharing

Key Transfer Protocols Rely On A Mutually Trusted Key Generation Center (KGC) To Select Session Keys And Transport Session Keys To All Communication Entities Secretly. Most Often, KGC Encrypts Session Keys Under Another Secret Key Shared With Each Entity During Registration. In This Paper, We Propose An Authenticated Key Transfer Protocol Based On Secret Sharing Scheme That KGC Can Broadcast Group Key Information To All Group Members At Once And Only Authorized Group Members Can Recover The Group Key; But Unauthorized Users Cannot Recover The Group Key. The Confidentiality Of This Transformation Is Information Theoretically Secure. We Also Provide Authentication For Transporting This Group Key. Goals And Security Threats Of Our Proposed Group Key Transfer Protocol Will Be Analyzed In Detail.

COGNITIVE SENSOR NETWORK - Spectrum Availability Based Routing For Cognitive Sensor Networks

With The Occurrence Of Internet Of Things (IoT) Era, The Proliferation Of Sensors Coupled With The Increasing Usage Of Wireless Spectrums Especially The ISM Band Makes It Difficult To Deploy Real-life IoT. Currently, The Cognitive Radio Technology Enables Sensors Transmit Data Packets Over The Licensed Spectrum Bands As Well As The Free ISM Bands. The Dynamic Spectrum Access Technology Enables Secondary Users (SUs) Access Wireless Channel Bands That Are Originally Licensed To Primary Users. Due To The High Dynamic Of Spectrum Availability, It Is Challenging To Design An Efficient Routing Approach For SUs In Cognitive Sensor Networks. We Estimate The Spectrum Availability And Spectrum Quality From The View Of Both The Global Statistical Spectrum Usage And The Local Instant Spectrum Status, And Then Introduce Novel Routing Metrics To Consider The Estimation. In Our Novel Routing Metrics, One Retransmission Is Allowed To Restrict The Number Of Rerouting And Then Increase The Routing Performance. Then, The Related Two Routing Algorithms According To The Proposed Routing Metrics Are Designed. Finally, Our Routing Algorithms In Extensive Simulations Are Implemented To Evaluate The Routing Performance, And We Find That The Proposed Algorithms Achieve A Significant Performance Improvement Compared With The Reference Algorithm.

TRUST-BASED PACKET FILTERING -Towards Effective Trust-Based Packet Filtering In Collaborative Networks Environments

Overhead Network Packets Are A Big Challenge For Intrusion Detection Systems (IDSs), Which May Increase System Burden, Degrade System Performance, And Even Cause The Whole System Collapse, When The Number Of Incoming Packets Exceeds The Maximum Handling Capability. To Address This Issue, Packet Filtration Is Considered As A Promising Solution, And Our Previous Research Efforts Have Proven That Designing A Trust-based Packet Filter Was Able To Refine Unwanted Network Packets And Reduce The Workload Of A Local IDS. With The Development Of Internet Cooperation, Collaborative Intrusion Detection Environments (e.g., CIDNs) Have Been Developed, Which Allow IDS Nodes To Collect Information And Learn Experience From Others. However, It Would Not Be Effective For The Previously Built Trust-based Packet Filter To Work In Such A Collaborative Environment, Since The Process Of Trust Computation Can Be Easily Compromised By Insider Attacks. In This Paper, We Adopt The Existing CIDN Framework And Aim To Apply A Collaborative Trust-based Approach To Reduce Unwanted Packets. More Specifically, We Develop A Collaborative Trust-based Packet Filter, Which Can Be Deployed In Collaborative Networks And Be Robust Against Typical Insider Attacks (e.g., Betrayal Attacks). Experimental Results In Various Simulated And Practical Environments Demonstrate That Our Filter Can Perform Effectively In Reducing Unwanted Traffic And Can Defend Against Insider Attacks Through Identifying Malicious Nodes In A Quick Manner, As Compared To Similar Approaches.

ANOMLY DETECTION - Anomaly Detection And Attribution In Networks With Temporally Correlated Traffic

Anomaly Detection In Communication Networks Is The First Step In The Challenging Task Of Securing A Network, As Anomalies May Indicate Suspicious Behaviors, Attacks, Network Malfunctions, Or Failures. In This Paper, We Address The Problem Of Not Only Detecting The Anomalous Events But Also Of Attributing The Anomaly To The Flows Causing It. To This End, We Develop A New Statistical Decision Theoretic Framework For Temporally Correlated Traffic In Networks Via Markov Chain Modeling. We First Formulate The Optimal Anomaly Detection Problem Via The Generalized Likelihood Ratio Test (GLRT) For Our Composite Model. This Results In A Combinatorial Optimization Problem Which Is Prohibitively Expensive. We Then Develop Two Low-complexity Anomaly Detection Algorithms. The First Is Based On The Cross Entropy (CE) Method, Which Detects Anomalies As Well As Attributes Anomalies To Flows. The Second Algorithm Performs Anomaly Detection Via GLRT On The Aggregated Flows Transformation - A Compact Low-dimensional Representation Of The Raw Traffic Flows. The Two Algorithms Complement Each Other And Allow The Network Operator To First Activate The Flow Aggregation Algorithm In Order To Quickly Detect Anomalies In The System. Once An Anomaly Has Been Detected, The Operator Can Further Investigate Which Specific Flows Are Anomalous By Running The CE-based Algorithm. We Perform Extensive Performance Evaluations And Experiment Our Algorithms On Synthetic And Semi-synthetic Data, As Well As On Real Internet Traffic Data Obtained From The MAWI Archive, And Finally Make Recommendations Regarding Their Usability.

PROTECT PERSONAL DATA - Decentralized Privacy Using Block Chain To Protect Personal Data

The Recent Increase In Reported Incidents Of Surveillance And Security Breaches Compromising Users' Privacy Call Into Question The Current Model, In Which Third-parties Collect And Control Massive Amounts Of Personal Data. Bit Coin Has Demonstrated In The Financial Space That Trusted, Auditable Computing Is Possible Using A Decentralized Network Of Peers Accompanied By A Public Ledger. In This Paper, We Describe A Decentralized Personal Data Management System That Ensures Users Own And Control Their Data. We Implement A Protocol That Turns A Block Chain Into An Automated Access-control Manager That Does Not Require Trust In A Third Party. Unlike Bit Coin, Transactions In Our System Are Not Strictly Financial -- They Are Used To Carry Instructions, Such As Storing, Querying And Sharing Data. Finally, We Discuss Possible Future Extensions To Block Chains That Could Harness Them Into A Well-rounded Solution For Trusted Computing Problems In Society.

DATA AGGREGATION OF COLLUSION ATTACKS- Secure Data Aggregation In Wireless Sensor Networks In The Presence Of Collusion Attacks

Due To Limited Computational Power And Energy Resources, Aggregation Of Data From Multiple Sensor Nodes Done At The Aggregating Node Is Usually Accomplished By Simple Methods Such As Averaging. However Such Aggregation Is Known To Be Highly Vulnerable To Node Compromising Attacks. Since WSN Are Usually Unattended And Without Tamper Resistant Hardware, They Are Highly Susceptible To Such Attacks. Thus, Ascertaining Trustworthiness Of Data And Reputation Of Sensor Nodes Is Crucial For WSN. As The Performance Of Very Low Power Processors Dramatically Improves, Future Aggregator Nodes Will Be Capable Of Performing More Sophisticated Data Aggregation Algorithms, Thus Making WSN Less Vulnerable. Iterative Filtering Algorithms Hold Great Promise For Such A Purpose. Such Algorithms Simultaneously Aggregate Data From Multiple Sources And Provide Trust Assessment Of These Sources, Usually In A Form Of Corresponding Weight Factors Assigned To Data Provided By Each Source. In This Paper We Demonstrate That Several Existing Iterative Filtering Algorithms, While Significantly More Robust Against Collusion Attacks Than The Simple Averaging Methods, Are Nevertheless Susceptive To A Novel Sophisticated Collusion Attack We Introduce. To Address This Security Issue, We Propose An Improvement For Iterative Filtering Techniques By Providing An Initial Approximation For Such Algorithms Which Makes Them Not Only Collusion Robust, But Also More Accurate And Faster Converging.

MESSAGE AUTHENTICATION AND SOURCE - Hop-by-Hop Message Authentication And Source Privacy In Wireless Sensor Networks

Message Authentication Is One Of The Most Effective Ways To Thwart Unauthorized And Corrupted Messages From Being Forwarded In Wireless Sensor Networks (WSNs). For This Reason, Many Message Authentication Schemes Have Been Developed, Based On Either Symmetric-key Cryptosystems Or Public-key Cryptosystems. Most Of Them, However, Have The Limitations Of High Computational And Communication Overhead In Addition To Lack Of Scalability And Resilience To Node Compromise Attacks. To Address These Issues, A Polynomial-based Scheme Was Recently Introduced. However, This Scheme And Its Extensions All Have The Weakness Of A Built-in Threshold Determined By The Degree Of The Polynomial: When The Number Of Messages Transmitted Is Larger Than This Threshold, The Adversary Can Fully Recover The Polynomial. In This Paper, We Propose A Scalable Authentication Scheme Based On Elliptic Curve Cryptography (ECC). While Enabling Intermediate Nodes Authentication, Our Proposed Scheme Allows Any Node To Transmit An Unlimited Number Of Messages Without Suffering The Threshold Problem. In Addition, Our Scheme Can Also Provide Message Source Privacy. Both Theoretical Analysis And Simulation Results Demonstrate That Our Proposed Scheme Is More Efficient Than The Polynomial-based Approach In Terms Of Computational And Communication Overhead Under Comparable Security Levels While Providing Message Source Privacy.

MISBEHAVIOUR DETECTION SCHEME - A Probabilistic Misbehavior Detection Scheme Toward Efficient Trust Establishment In Delay-Tolerant Networks

Malicious And Selfish Behaviors Represent A Serious Threat Against Routing In Delay/disruption Tolerant Networks (DTNs). Due To The Unique Network Characteristics, Designing A Misbehavior Detection Scheme In DTN Is Regarded As A Great Challenge. In This Paper, We Propose ITrust, A Probabilistic Misbehavior Detection Scheme, For Secure DTN Routing Toward Efficient Trust Establishment. The Basic Idea Of ITrust Is Introducing A Periodically Available Trusted Authority (TA) To Judge The Node's Behavior Based On The Collected Routing Evidences And Probabilistically Checking. We Model ITrust As The Inspection Game And Use Game Theoretical Analysis To Demonstrate That, By Setting An Appropriate Investigation Probability, TA Could Ensure The Security Of DTN Routing At A Reduced Cost. To Further Improve The Efficiency Of The Proposed Scheme, We Correlate Detection Probability With A Node's Reputation, Which Allows A Dynamic Detection Probability Determined By The Trust Of The Users. The Extensive Analysis And Simulation Results Demonstrate The Effectiveness And Efficiency Of The Proposed Scheme.

KEY EXCHAGE OVER INTERNET - Privacy-Preserving Authenticated Key-Exchange Over Internet

Key-exchange, In Particular Diffie-Hellman Key-exchange (DHKE), Is Among The Core Cryptographic Mechanisms For Ensuring Network Security. For Key-exchange Over The Internet, Both Security And Privacy Are Desired. In This Paper, We Develop A Family Of Privacy-preserving Authenticated DHKE Protocols Named Deniable Internet Key-exchange (DIKE), Both In The Traditional PKI Setting And In The Identity-based Setting. The Newly Developed DIKE Protocols Are Of Conceptual Clarity And Practical (online) Efficiency. They Provide Useful Privacy Protection To Both Protocol Participants, And Add Novelty And New Value To The IKE Standard. To The Best Of Our Knowledge, Our Protocols Are The First Provably Secure DHKE Protocols That Additionally Enjoy All The Following Privacy Protection Advantages: 1) Forward Deniability, Actually Concurrent Non-malleable Statistical Zero-knowledge, For Both Protocol Participants Simultaneously; 2) The Session Transcript And Session-key Can Be Generated Merely From DH-exponents (together With Some Public Values), Which Thus Cannot Be Traced To The Pair Of Protocol Participants; And 3) Exchanged Messages Do Not Bear Peer's Identity, And Do Not Explicitly Bear Player Role Information.

TRAFFICE ANALYSIS - Click Traffic Analysis Of Short URL Spam On Twitter

With An Average Of 80% Length Reduction, The URL Shorteners Have Become The Norm For Sharing URLs On Twitter, Mainly Due To The 140-character Limit Per Message. Unfortunately, Spammers Have Also Adopted The URL Shorteners To Camouflage And Improve The User Click-through Of Their Spam URLs. In This Paper, We Measure The Misuse Of The Short URLs And Analyze The Characteristics Of The Spam And Non-spam Short URLs. We Utilize These Measurements To Enable The Detection Of Spam Short URLs. To Achieve This, We Collected Short URLs From Twitter And Retrieved Their Click Traffic Data From Bitly, A Popular URL Shortening System. We First Investigate The Creators Of Over 600,000 Bitly Short URLs To Characterize Short URL Spammers. We Then Analyze The Click Traffic Generated From Various Countries And Referrers, And Determine The Top Click Sources For Spam And Non-spam Short URLs. Our Results Show That The Majority Of The Clicks Are From Direct Sources And That The Spammers Utilize Popular Websites To Attract More Attention By Cross-posting The Links. We Then Use The Click Traffic Data To Classify The Short URLs Into Spam Vs. Non-spam And Compare The Performance Of The Selected Classifiers On The Dataset. We Determine That The Random Tree Algorithm Achieves The Best Performance With An Accuracy Of 90.81% And An F-measure Value Of 0.913.

SHORTEST DISTANCE- Approximate Shortest Distance Computing-a Query Dependent Local Landmark Scheme

Shortest Distance Query Between Two Nodes Is A Fundamental Operation In Large-scale Networks. Most Existing Methods In The Literature Take A Landmark Embedding Approach, Which Selects A Set Of Graph Nodes As Landmarks And Computes The Shortest Distances From Each Landmark To All Nodes As An Embedding. To Handle A Shortest Distance Query Between Two Nodes, The Precomputed Distances From The Landmarks To The Query Nodes Are Used To Compute An Approximate Shortest Distance Based On The Triangle Inequality. In This Paper, We Analyze The Factors That Affect The Accuracy Of The Distance Estimation In The Landmark Embedding Approach. In Particular We Find That A Globally Selected, Query-independent Landmark Set Plus The Triangulation Based Distance Estimation Introduces A Large Relative Error, Especially For Nearby Query Nodes. To Address This Issue, We Propose A Query-dependent Local Landmark Scheme, Which Identifies A Local Landmark Close To The Specific Query Nodes And Provides A More Accurate Distance Estimation Than The Traditional Global Landmark Approach. Specifically, A Local Landmark Is Defined As The Least Common Ancestor Of The Two Query Nodes In The Shortest Path Tree Rooted At A Global Landmark. We Propose Efficient Local Landmark Indexing And Retrieval Techniques, Which Are Crucial To Achieve Low Offline Indexing Complexity And Online Query Complexity. Two Optimization Techniques On Graph Compression And Graph Online Search Are Also Proposed, With The Goal To Further Reduce Index Size And Improve Query Accuracy. Our Experimental Results On Large-scale Social Networks And Road Networks Demonstrate That The Local Landmark Scheme Reduces The Shortest Distance Estimation Error Significantly When Compared With Global Landmark Embedding.

SOCIAL STREAM - Detection Of Emerging Topics In Social Stream Using Link Anomaly

Detection Of Emerging Topics Is Now Receiving Renewed Interest Motivated By The Rapid Growth Of Social Networks. Conventional-term-frequency-based Approaches May Not Be Appropriate In This Context, Because The Information Exchanged In Social-network Posts Include Not Only Text But Also Images, URLs, And Videos. We Focus On Emergence Of Topics Signaled By Social Aspects Of Theses Networks. Specifically, We Focus On Mentions Of Users--links Between Users That Are Generated Dynamically (intentionally Or Unintentionally) Through Replies, Mentions, And Retweets. We Propose A Probability Model Of The Mentioning Behavior Of A Social Network User, And Propose To Detect The Emergence Of A New Topic From The Anomalies Measured Through The Model. Aggregating Anomaly Scores From Hundreds Of Users, We Show That We Can Detect Emerging Topics Only Based On The Reply/mention Relationships In Social-network Posts. We Demonstrate Our Technique In Several Real Data Sets We Gathered From Twitter. The Experiments Show That The Proposed Mention-anomaly-based Approaches Can Detect New Topics At Least As Early As Text-anomaly-based Approaches, And In Some Cases Much Earlier When The Topic Is Poorly Identified By The Textual Contents In Posts.

SOCIAL NETWORK - Experimental Analysis On Access Control Using Trust Parameter For Social Network

Technology Made Socializing Very Simple And Easy, Connecting Everyone Is Just A Matter Of A Click Today. The Security Of Our Personal Information And Sharing That Information In The Digital World Has Always Been A Major Challenge For The Ever-growing Social Networks. When It Comes To The Relationship Between People And Technology, The Attribution Of Trust Is A Matter Of Dispute Always. This Paper Proposes An Access Control Scheme Called Trust Based Access Control For Social Networks, Or STBAC, Which Allows Users To Share Data Among Their Friends, Using A Trust Computation To Determine Which Friends Should Be Given Access. This Trust Computation Uses Previous Interactions Among A User's Friends To Classify His Or Her Peers Into Privileged Or Unprivileged Zones, Which Determine Whether That Peer Gains Access To The User's Data. The System Will Work As A Filter For Each Of The Peer And Try To Evaluate The Trust Access Control In Social Networks.

TOLERANT NETWORK ROUTING- A Novel Message Scheduling Framework For Delay Tolerant Networks Routing

Multicopy Routing Strategies Have Been Considered The Most Applicable Approaches To Achieve Message Delivery In Delay Tolerant Networks (DTNs). Epidemic Routing And Two-hop Forwarding Routing Are Two Well-reported Approaches For Delay Tolerant Networks Routing Which Allow Multiple Message Replicas To Be Launched In Order To Increase Message Delivery Ratio And/or Reduce Message Delivery Delay. This Advantage, Nonetheless, Is At The Expense Of Additional Buffer Space And Bandwidth Overhead. Thus, To Achieve Efficient Utilization Of Network Resources, It Is Important To Come Up With An Effective Message Scheduling Strategy To Determine Which Messages Should Be Forwarded And Which Should Be Dropped In Case Of Buffer Is Full. This Paper Investigates A New Message Scheduling Framework For Epidemic And Two-hop Forwarding Routing In DTNs, Such That The Forwarding/dropping Decision Can Be Made At A Node During Each Contact For Either Optimal Message Delivery Ratio Or Message Delivery Delay. Extensive Simulation Results Show That The Proposed Message Scheduling Framework Can Achieve Better Performance Than Its Counterparts.

INTERNET DISTRIBUTED SYSTEM - Optimal Client Server Assignment For Internet Distributed Systems

We Investigate An Underlying Mathematical Model And Algorithms For Optimizing The Performance Of A Class Of Distributed Systems Over The Internet. Such A System Consists Of A Large Number Of Clients Who Communicate With Each Other Indirectly Via A Number Of Intermediate Servers. Optimizing The Overall Performance Of Such A System Then Can Be Formulated As A Client-server Assignment Problem Whose Aim Is To Assign The Clients To The Servers In Such A Way To Satisfy Some Prespecified Requirements On The Communication Cost And Load Balancing. We Show That 1) The Total Communication Load And Load Balancing Are Two Opposing Metrics, And Consequently, Their Tradeoff Is Inherent In This Class Of Distributed Systems; 2) In General, Finding The Optimal Client-server Assignment For Some Prespecified Requirements On The Total Load And Load Balancing Is NP-hard, And Therefore; 3) We Propose A Heuristic Via Relaxed Convex Optimization For Finding The Approximate Solution. Our Simulation Results Indicate That The Proposed Algorithm Produces Superior Performance Than Other Heuristics, Including The Popular Normalized Cuts Algorithm.

IDENTITY BASED CYPTOGRAPHY - A Distributed Private-key Generator For Identity-Based Cryptography

An Identity-based Encryption (IBE) Scheme Can Greatly Reduce The Complexity Of Sending Encrypted Messages. However, An IBE Scheme Necessarily Requires A Private-key Generator (PKG), Which Can Create Private Keys For Clients, And So Can Passively Eavesdrop On All Encrypted Communications. Although A Distributed PKG Has Been Suggested As A Way To Mitigate This Key Escrow Problem For Boneh And Franklin’s IBE Scheme, The Security Of This Distributed Protocol Has Not Been Proven. Further, A Distributed PKG Has Not Been Considered For Any Other IBE Scheme. In This Paper, We Design Distributed PKG Setup And Private Key Extraction Protocols For Three Important IBE Schemes; Namely, Boneh And Franklin’s BF-IBE, Sakai And Kasahara’s SK-IBE, And Boneh And Boyen’s BB1 -IBE. We Give Special Attention To The Applicability Of Our Protocols To All Possible Types Of Bilinear Pairings And Prove Their IND-ID-CCA Security In The Random Oracle Model Against A Byzantine Adversary. Finally, We Also Perform A Comparative Analysis Of These Protocols And Present Recommendations For Their Use.

CONTROLLING IP SPOOFING - Controlling IP Spoofing Through Inter-Domain Packet Filters

The Distributed Denial-of-service (DDoS) Attack Is A Serious Threat To The Legitimate Use Of The Internet. Prevention Mechanisms Are Thwarted By The Ability Of Attackers To Forge Or Spoof The Source Addresses In IP Packets. By Employing IP Spoofing, Attackers Can Evade Detection And Put A Substantial Burden On The Destination Network For Policing Attack Packets. In This Paper, We Propose An Interdomain Packet Filter (IDPF) Architecture That Can Mitigate The Level Of IP Spoofing On The Internet. A Key Feature Of Our Scheme Is That It Does Not Require Global Routing Information. IDPFs Are Constructed From The Information Implicit In Border Gateway Protocol (BGP) Route Updates And Are Deployed In Network Border Routers. We Establish The Conditions Under Which The IDPF Framework Correctly Works In That It Does Not Discard Packets With Valid Source Addresses. Based On Extensive Simulation Studies, We Show That, Even With Partial Deployment On The Internet, IDPFs Can Proactively Limit The Spoofing Capability Of Attackers. In Addition, They Can Help Localize The Origin Of An Attack Packet To A Small Number Of Candidate Networks.

ESM- Efficient And Scalable Data Center Multicast Routing

Multicast Benefits Group Communications In Saving Network Traffic And Improving Application Throughput, Both Of Which Are Important For Data Center Applications. However, The Technical Trend Of Data Center Design Poses New Challenges For Efficient And Scalable Multicast Routing. First, The Densely Connected Networks Make Traditional Receiver-driven Multicast Routing Protocols Inefficient In Multicast Tree Formation. Second, It Is Quite Difficult For The Low-end Switches Widely Used In Data Centers To Hold The Routing Entries Of Massive Multicast Groups. In This Paper, We Propose ESM, An Efficient And Scalable Multicast Routing Scheme For Data Center Networks. ESM Addresses The Challenges Above By Exploiting The Feature Of Modern Data Center Networks. Based On The Regular Topology Of Data Centers, ESM Uses A Source-to-receiver Expansion Approach To Build Efficient Multicast Trees, Excluding Many Unnecessary Intermediate Switches Used In Receiver-driven Multicast Routing. For Scalable Multicast Routing, ESM Combines Both In-packet Bloom Filters And In-switch Entries To Make The Tradeoff Between The Number Of Multicast Groups Supported And The Additional Bandwidth Overhead. Simulations Show That ESM Saves 40% ~ 50% Network Traffic And Doubles The Application Throughputs Compared To Receiver-driven Multicast Routing, And The Combination Routing Scheme Significantly Reduces The Number Of In-switch Entries Required. We Implement ESM On A Linux Platform. The Experimental Results Further Demonstrate That ESM Can Well Support Online Tree Building For Large-scale Groups With Churns, And The Overhead Of The Combination Forwarding Engine Is Light-weighted.

COLLABORATIVE PROTECTION NETWORK - Firecol A Collaborative Protection Network For Vehicle Safety Communication On The Freeway

Distributed Denial-of-service (DDoS) Attacks Remain A Major Security Problem, The Mitigation Of Which Is Very Hard Especially When It Comes To Highly Distributed Botnet-based Attacks. The Early Discovery Of These Attacks, Although Challenging, Is Necessary To Protect End-users As Well As The Expensive Network Infrastructure Resources. In This Paper, We Address The Problem Of DDoS Attacks And Present The Theoretical Foundation, Architecture, And Algorithms Of FireCol. The Core Of FireCol Is Composed Of Intrusion Prevention Systems (IPSs) Located At The Internet Service Providers (ISPs) Level. The IPSs Form Virtual Protection Rings Around The Hosts To Defend And Collaborate By Exchanging Selected Traffic Information. The Evaluation Of FireCol Using Extensive Simulations And A Real Dataset Is Presented, Showing FireCol Effectiveness And Low Overhead, As Well As Its Support For Incremental Deployment In Real Networks.

DETECTION OF FALSE DATA INJECTION ATTACKS - Cyber Attack Detection Based On Wavelet Singular Entropy In AC Smart Islands False Data Injection Attack

Since Smart-Islands (SIs) With Advanced Cyber-infrastructure Are Incredibly Vulnerable To Cyber-attacks, Increasing Attention Needs To Be Applied To Their Cyber-security. False Data Injection Attacks (FDIAs) By Manipulating Measurements May Cause Wrong State Estimation (SE) Solutions Or Interfere With The Central Control System Performance. There Is A Possibility That Conventional Attack Detection Methods Do Not Detect Many Cyber-attacks; Hence, System Operation Can Interfere. Research Works Are More Focused On Detecting Cyber-attacks That Target DC-SE; However, Due To More Widely Uses Of AC SIs, Investigation On Cyber-attack Detection In AC Systems Is More Crucial. In These Regards, A New Mechanism To Detect Injection Of Any False Data In AC-SE Based On Signal Processing Technique Is Proposed In This Paper. Malicious Data Injection In The State Vectors May Cause Deviation Of Their Temporal And Spatial Data Correlations From Their Ordinary Operation. The Suggested Detection Method Is Based On Analyzing Temporally Consecutive System States Via Wavelet Singular Entropy (WSE). In This Method, To Adjust Singular Value Matrices And Wavelet Transforms' Detailed Coefficients, Switching Surface Based On Sliding Mode Controller Are Decomposed; Then, By Applying The Stochastic Process, Expected Entropy Values Are Calculated. Indices Are Characterized Based On The WSE In Switching Level Of Current And Voltage For Cyber-attack Detection. The Proposed Detection Method Is Applied To Different Case Studies To Detect Cyber-attacks With Various Types Of False Data Injection, Such As Amplitude, And Vector Deviation Signals. The Simulation Results Confirm The High-performance Capability Of The Proposed FDIA Detection Method. This Detection Method's Significant Characteristic Is Its Ability In Fast Detection (10 Ms From The Attack Initiation); Besides, This Technique Can Achieve An Accuracy Rate Of Over 96.5%.

SECURE DATA AGGREGATION IN THE PRESENCE OF COLLUSION ATTACKS- Trust Evaluation For Securing Compromised Data Aggregation Against The Collusion Attack In WSN

With A Storage Space Limit On The Sensors, WSN Has Some Drawbacks Related To Bandwidth And Computational Skills. This Limited Resources Would Reduce The Amount Of Data Transmitted Across The Network. For This Reason, Data Aggregation Is Considered As A New Process. Iterative Filtration (IF) Algorithms, Which Provide Trust Assessment To The Various Sources From Which The Data Aggregation Has Been Performed, Are Efficient In The Present Data Aggregation Algorithms. Trust Assessment Is Done With Weights From The Simple Average Method To Aggregation, Which Treats Attack Susceptibility. Iteration Filter Algorithms Are Stronger Than The Ordinary Average, But They Do Not Handle The Current Advanced Attack That Takes Advantage Of False Information With Many Compromise Nodes. Iterative Filters Are Strengthened By An Initial Confidence Estimate To Track New And Complex Attacks, Improving The Solidity And Accuracy Of The IF Algorithm. The New Method Is Mainly Concerned With Attacks Against The Clusters And Not Against The Aggregator. In This Process, If An Aggregator Is Attacked, The Current System Fails, And The Information Is Eventually Transmitted To The Aggregator By The Cluster Members. This Problem Can Be Detected When Both Cluster Members And Aggregators Are Being Targeted. It Is Proposed To Choose An Aggregator Which Chooses A New Aggregator According To The Remaining Maximum Energy And Distance To The Base Station When An Aggregator Attack Is Detected. It Also Save Time And Energy Compared To The Current Program Against The Corrupted Aggregator Node.

BOTNET FINGERPRINTING- A Frequency Distributions Scheme For Lightweight Bot Detection

Efficient Bot Detection Is A Crucial Security Matter And Widely Explored In The Past Years. Recent Approaches Supplant Flow-based Detection Techniques And Exploit Graph-based Features, Incurring However In Scalability Issues, With High Time And Space Complexity. Bots Exhibit Specific Communication Patterns: They Use Particular Protocols, Contact Specific Domains, Hence Can Be Identified By Analyzing Their Communication With The Outside. A Way We Follow To Simplify The Communication Graph And Avoid Scalability Issues Is Looking At Frequency Distributions Of Protocol Attributes Capturing The Specificity Of Botnets Behaviour. We Propose A Bot Detection Technique Named BotFP, For BotFingerPrinting, Which Acts By (i) Characterizing Hosts Behaviour With Attribute Frequency Distribution Signatures, (ii) Learning Benign Hosts And Bots Behaviours Through Either Clustering Or Supervised Machine Learning (ML), And (iii) Classifying New Hosts Either As Bots Or Benign Ones, Using Distances To Labelled Clusters Or Relying On A ML Algorithm. We Validate BotFP On The CTU-13 Dataset, Which Contains 13 Scenarios Of Bot Infections, Connecting To A Command-and-Control (C&C) Channel And Launching Malicious Actions Such As Port Scanning Or Denial-of-Service (DDoS) Attacks. Compared To State-of-the-art Techniques, We Show That BotFP Is More Lightweight, Can Handle Large Amounts Of Data, And Shows Better Accuracy.

ATTACKS ON PASSWORDS - One Time Password Guessing Attacks

A Fundamental Premise Of SMS One-Time Password (OTP) Is That The Used Pseudo-random Numbers (PRNs) Are Uniquely Unpredictable For Each Login Session. Hence, The Process Of Generating PRNs Is The Most Critical Step In The OTP Authentication. An Improper Implementation Of The Pseudorandom Number Generator (PRNG) Will Result In Predictable Or Even Static OTP Values, Making Them Vulnerable To Potential Attacks. In This Paper, We Present A Vulnerability Study Against PRNGs Implemented For Android Apps. A Key Challenge Is That PRNGs Are Typically Implemented On The Server-side, And Thus The Source Code Is Not Accessible. To Resolve This Issue, We Build An Analysis Tool, OTP-Lint, To Assess Implementations Of The PRNGs In An Automated Manner Without The Source Code Requirement. Through Reverse Engineering, OTP-Lint Identifies The Apps Using SMS OTP And Triggers Each App's Login Functionality To Retrieve OTP Values. It Further Assesses The Randomness Of The OTP Values To Identify Vulnerable PRNGs. By Analyzing 6,431 Commercially Used Android Apps Downloaded From Google Play And Tencent Myapp, OTP-Lint Identified 399 Vulnerable Apps That Generate Predictable OTP Values. Even Worse, 194 Vulnerable Apps Use The OTP Authentication Alone Without Any Additional Security Mechanisms, Leading To Insecure Authentication Against Guessing Attacks And Replay Attacks.

DETECTION OF MALICIOUS EMAIL- Malicious Mail Filtering And Tracing System Based On KNN And Improved LSTM Algorithm

Spam And Phishing Emails Are Very Troublesome Problems For Mailbox Users. Many Enterprises, Departments And Individuals Are Harmed By Them. Moreover, The Senders Of These Malicious Emails Are In A Hidden Position And Occupy An Initiative Position. The Existing Mailbox Services Can Only Filter And Shield Some Malicious Mails, Which Is Difficult To Reverse The Disadvantage Of Users. To Solve These Problems, We Propose A Secure Mail System Using K-nearest Neighbor(KNN) Algorithm And Improved Long Short-term Memory(LSTM) Algorithm(Bi-LSTM-Attention Algorithm). KNN Classifier Can Effectively Distinguish Normal Emails, Spam And Phishing Emails, And Has A High Accuracy. Bi-LSTM-Attention Classifier Classifies Phishing Emails According To The Similarity Of The Malicious Mail Text From The Same Attacker To Some Extent. By Classifying And Identifying The Source Of Malicious Emails, We Can Grasp The Characteristics Of The Attacker, Provide Materials For Further Research, And Improve The Passive Status Of Users. Experiments Show That The Classification Results Of Attack Sources Reach 90%, Which Indicate The Value Of Further Research And Promotion.

NICE-NETWORK INTRUSION DETECTION - Virtual Machine Introspection For Anomaly-Based Keylogger Detection

Today's Architectures For Intrusion Detection Force The IDS Designer To Make A Difficult Choice. If The IDS Resides On The Host, It Has An Excellent View Of What Is Happening In That Host's Software, But Is Highly Susceptible To Attack. On The Other Hand, If The IDS Resides In The Network, It Is More Resistant To Attack, But Has A Poor View Of What Is Happening Inside The Host, Making It More Susceptible To Evasion. In This Paper We Present An Architecture That Retains The Visibility Of A Host-based IDS, But Pulls The IDS Outside Of The Host For Greater Attack Resistance. We Achieve This Through The Use Of A Virtual Machine Monitor. Using This Approach Allows Us To Isolate The IDS From The Monitored Host But Still Retain Excellent Visibility Into The Host's State. The VMM Also Offers Us The Unique Ability To Completely Mediate Interactions Between The Host Software And The Underlying Hardware. We Present A Detailed Study Of Our Architecture, Including Livewire, A Prototype Implementation. We Demonstrate Livewire By Implementing A Suite Of Simple Intrusion Detection Policies And Using Them To Detect Real Attacks.

DISTRIBUTED INFORMATION SHARING Enforcing Secure And Privacy Preserving Information Brokering In Distributed Information Sharing

Today's Organizations Raise An Increasing Need For Information Sharing Via On-demand Access. Information Brokering Systems (IBSs) Have Been Proposed To Connect Large-scale Loosely Federated Data Sources Via A Brokering Overlay, In Which The Brokers Make Routing Decisions To Direct Client Queries To The Requested Data Servers. Many Existing IBSs Assume That Brokers Are Trusted And Thus Only Adopt Server-side Access Control For Data Confidentiality. However, Privacy Of Data Location And Data Consumer Can Still Be Inferred From Metadata (such As Query And Access Control Rules) Exchanged Within The IBS, But Little Attention Has Been Put On Its Protection. In This Paper, We Propose A Novel Approach To Preserve Privacy Of Multiple Stakeholders Involved In The Information Brokering Process. We Are Among The First To Formally Define Two Privacy Attacks, Namely Attribute-correlation Attack And Inference Attack, And Propose Two Countermeasure Schemes Automaton Segmentation And Query Segment Encryption To Securely Share The Routing Decision-making Responsibility Among A Selected Set Of Brokering Servers. With Comprehensive Security Analysis And Experimental Results, We Show That Our Approach Seamlessly Integrates Security Enforcement With Query Routing To Provide System-wide Security With Insignificant Overhead.

DEFENSE STRATEGY AGAINST FLOODING ATTACKS USING GAME THEORY - Defending Link Flooding Attacks Under Incomplete Information A Bayesian Game Approach

The Link flooding Attack (LFA) Arises As A New Classof Distributed Denial Of Service (DDoS) Attacks In Recent Years.By Aggregating Low-rate Protocol-conforming Traffic To Congestselected Links, LFAs Can Degrade Connectivity Or Saturate Targetservers Indirectly. Due To Fast Proliferation Of Insecure Internetof Things (IOT) Devices, The Deployment Of Botnets Is Gettingeasier, Which Dramatically Increases The Risk Of LFAs. Since Theattacking Traffic May Not Reach The Victims Directly And Is Usuallylegitimate, LFAs Are Extremely Difficult To Detect And Defendby Traditional Methods. In This Work, We Model The Interactionbetween LFA Attackers And Defenders As A Two-person Extensiveform Bayesian Game With Incomplete Information. By Using Actionabstraction And The Divide And Conquer Method, We Analyzethe Nash Equilibrium On Each Link, Which Reveals The Rationalbehavior Of Attackers And The Optimal Strategy Of Defenders.Furthermore, We Concretely Expound How To Adopt Local Optimalstrategies In The Internet-wide Scenario. Experimental Resultsshow The Effectiveness And Robustness Of Our Proposed Decision-making Method In Explicit LFA Defending Scenarios.

GROUP SECRET KEY GENERATION- Group Secret-Key Generation Using Algebraic Rings In Wireless Networks

It Is Well Known That Physical-layer Group Secret-Key (GSK) Generation Techniques Allow Multiple Nodes Of A Wireless Network To Synthesize A Common Secret-key, Which Can Be Subsequently Used To Keep Their Group Messages Confidential. As One Of Its Salient Features, The Wireless Nodes Involved In Physical-layer GSK Generation Extract Randomness From A Subset Of Their Wireless Channels, Referred As The Common Source Of Randomness (CSR). Unlike Two-user Key Generation, In GSK Generation, Some Nodes Must Act As Facilitators By Broadcasting Quantized Versions Of The Linear Combinations Of The Channel Realizations, So As To Assist All The Nodes To Observe A CSR. However, We Note That Broadcasting Linear Combination Of Channel Realizations Incurs Non-zero Leakage Of The CSR To An Eavesdropper, And Moreover, Quantizing The Linear Combination Also Reduces The Overall Key-rate. Identifying These Issues, We Propose A Practical GSK Generation Protocol, Referred To As Algebraic Symmetrically Quantized GSK (A-SQGSK) Protocol, In A Network Of Three Nodes, Wherein Due To Quantization Of Symbols At The Facilitator, The Other Two Nodes Also Quantize Their Channel Realizations, And Use Them Appropriately Over Algebraic Rings To Generate The Keys. First, We Prove That The A-SQGSK Protocol Incurs Zero Leakage To An Eavesdropper. Subsequently, On The CSR Provided By The A-SQGSK Protocol, We Propose A Consensus Algorithm Among The Three Nodes, Called The Entropy-Maximization Error-Minimization (EM-EM) Algorithm, Which Maximizes The Entropy Of The Secret-key Subject To An Upper-bound On The Mismatch-rate. We Use Extensive Analysis And Simulation Results To Lay Out Guidelines To Jointly Choose The Parameters Of The A-SQGSK Protocol And The EM-EM Algorithm.

VELNERABILITY ANALYSIS - An Integrated Approach For Effective Injection Vulnerability Analysis Of Web Applications Through Security Slicing And Hybrid Constraint

Malicious Users Can Attack Web Applications By Exploiting Injection Vulnerabilities In The Source Code. This Work Addresses The Challenge Of Detecting Injection Vulnerabilities In The Server-side Code Of Java Web Applications In A Scalable And Effective Way. We Propose An Integrated Approach That Seamlessly Combines Security Slicing With Hybrid Constraint Solving; The Latter Orchestrates Automata-based Solving With Meta-heuristic Search. We Use Static Analysis To Extract Minimal Program Slices Relevant To Security From Web Programs And To Generate Attack Conditions. We Then Apply Hybrid Constraint Solving To Determine The Satisfiability Of Attack Conditions And Thus Detect Vulnerabilities. The Experimental Results, Using A Benchmark Comprising A Set Of Diverse And Representative Web Applications/services As Well As Security Benchmark Applications, Show That Our Approach (implemented In The JOACO Tool) Is Significantly More Effective At Detecting Injection Vulnerabilities Than State-of-the-art Approaches, Achieving 98 Percent Recall, Without Producing Any False Alarm. We Also Compared The Constraint Solving Module Of Our Approach With State-of-the-art Constraint Solvers, Using Six Different Benchmark Suites; Our Approach Correctly Solved The Highest Number Of Constraints (665 Out Of 672), Without Producing Any Incorrect Result, And Was The One With The Least Number Of Time-out/failing Cases. In Both Scenarios, The Execution Time Was Practically Acceptable, Given The Offline Nature Of Vulnerability Detection.

JAMMING ATTACKS USING PACKET-HIDING METHODS- JIRS-based Wireless Jamming Attacks- When Jammers Can Attack Without Power

This Letter Proposes To Use Intelligent Reflecting Surface (IRS) As A Green Jammer To Attack A Legitimate Communication Without Using Any Internal Energy To Generate Jamming Signals. In Particular, The IRS Is Used To Intelligently Reflect The Signals From The Legitimate Transmitter To The Legitimate Receiver (LR) To Guarantee That The Received Signals From Direct And Reflecting Links Can Be Added Destructively, Which Thus Diminishes The Signal-to-Interference-plus-Noise Ratio (SINR) At The LR. To Minimize The Received Signal Power At The LR, We Consider The Joint Optimization Of Magnitudes Of Reflection Coefficients And Discrete Phase Shifts At The IRS. Based On The Block Coordinate Descent, Semidefinite Relaxation, And Gaussian Randomization Techniques, The Solution Can Be Obtained Efficiently. Through Simulation Results, We Show That By Using The IRS-based Jammer, We Can Reduce The Signal Power Received At The LR By Up To 99%. Interestingly, The Performance Of The Proposed IRS-based Jammer Is Even Better Than That Of The Conventional Active Jamming Attacks In Some Scenarios.

ONLINE PASSWORD GUSSING ATTACK - Revisiting Defence Against Large Scale Online Password Guessing Attacks

Brute Force And Dictionary Attacks On Password-only Remote Login Services Are Now Widespread And Ever Increasing. Enabling Convenient Login For Legitimate Users While Preventing Such Attacks Is A Difficult Problem. Automated Turing Tests (ATTs) Continue To Be An Effective, Easy-to-deploy Approach To Identify Automated Malicious Login Attempts With Reasonable Cost Of Inconvenience To Users. In This Paper, We Discuss The Inadequacy Of Existing And Proposed Login Protocols Designed To Address Large-scale Online Dictionary Attacks (e.g., From A Botnet Of Hundreds Of Thousands Of Nodes). We Propose A New Password Guessing Resistant Protocol (PGRP), Derived Upon Revisiting Prior Proposals Designed To Restrict Such Attacks. While PGRP Limits The Total Number Of Login Attempts From Unknown Remote Hosts To As Low As A Single Attempt Per Username, Legitimate Users In Most Cases (e.g., When Attempts Are Made From Known, Frequently-used Machines) Can Make Several Failed Login Attempts Before Being Challenged With An ATT. We Analyze The Performance Of PGRP With Two Real-world Data Sets And Find It More Promising Than Existing Proposals.

SECURITY LEAKAGE - Discovery And Resolution Of Anomalies In Web Access Control Policy

Emerging Computing Technologies Such As Web Services, Service-oriented Architecture, And Cloud Computing Has Enabled Us To Perform Business Services More Efficiently And Effectively. However, We Still Suffer From Unintended Security Leakages By Unauthorized Actions In Business Services While Providing More Convenient Services To Internet Users Through Such A Cutting-edge Technological Growth. Furthermore, Designing And Managing Web Access Control Policies Are Often Error-prone Due To The Lack Of Effective Analysis Mechanisms And Tools. In This Paper, We Represent An Innovative Policy Anomaly Analysis Approach For Web Access Control Policies, Focusing On Extensible Access Control Markup Language Policy. We Introduce A Policy-based Segmentation Technique To Accurately Identify Policy Anomalies And Derive Effective Anomaly Resolutions, Along With An Intuitive Visualization Representation Of Analysis Results. We Also Discuss A Proof-of-concept Implementation Of Our Method Called XAnalyzer And Demonstrate How Our Approach Can Efficiently Discover And Resolve Policy Anomalies.

MALICIOUS PEERS - SORT - A Self-Organizing Trust Model For Peer-to-Peer Systems

Open Nature Of Peer-to-peer Systems Exposes Them To Malicious Activity. Building Trust Relationships Among Peers Can Mitigate Attacks Of Malicious Peers. This Paper Presents Distributed Algorithms That Enable A Peer To Reason About Trustworthiness Of Other Peers Based On Past Interactions And Recommendations. Peers Create Their Own Trust Network In Their Proximity By Using Local Information Available And Do Not Try To Learn Global Trust Information. Two Contexts Of Trust, Service, And Recommendation Contexts, Are Defined To Measure Trustworthiness In Providing Services And Giving Recommendations. Interactions And Recommendations Are Evaluated Based On Importance, Recentness, And Peer Satisfaction Parameters. Additionally, Recommender's Trustworthiness And Confidence About A Recommendation Are Considered While Evaluating Recommendations. Simulation Experiments On A File Sharing Application Show That The Proposed Model Can Mitigate Attacks On 16 Different Malicious Behavior Models. In The Experiments, Good Peers Were Able To Form Trust Relationships In Their Proximity And Isolate Malicious Peers.

DENIAL OF SERVICE ATTACKS- Defending Against Denial Of Service Attacks

Due To Its Cost Efficiency The Controller Area Network (CAN) Is Still The Most Wide-spread In-vehicle Bus And The Numerous Reported Attacks Demonstrate The Urgency In Designing New Security Solutions For CAN. In This Work We Propose An Intrusion Detection Mechanism That Takes Advantage Of Bloom Filtering To Test Frame Periodicity Based On Message Identifiers And Parts Of The Data-field Which Facilitates Detection Of Potential Replay Or Modification Attacks. This Proves To Be An Effective Approach Since Most Of The Traffic From In-vehicle Buses Is Cyclic In Nature And The Format Of The Data-field Is Fixed Due To Rigid Signal Allocation. Bloom Filters Provide An Efficient Time-memory Tradeoff Which Is Beneficial For The Constrained Resources Of Automotive Grade Controllers. We Test The Correctness Of Our Approach And Obtain Good Results On An Industry-standard CANoe Based Simulation For A J1939 Commercial-vehicle Bus And Also On CAN-FD Traces Obtained From A Real-world High-end Vehicle. The Proposed Filtering Mechanism Is Straight-forward To Adapt For Any Other Time-triggered In-vehicle Bus, E.g., FlexRay, Since It Is Built On Time-driven Characteristics.

WIRELESS MESH NETWORKS - On The Security Of A Ticket Based Anonymity System With Traceability Property In Wireless Mesh Networks

In 2011, Sun Et Al. Proposed A Security Architecture To Ensure Unconditional Anonymity For Honest Users And Traceability Of Misbehaving Users For Network Authorities In Wireless Mesh Networks (WMNs). It Strives To Resolve The Conflicts Between The Anonymity And Traceability Objectives. In This Paper, We Attacked Sun Et Al. Scheme's Traceability. Our Analysis Showed That Trusted Authority (TA) Cannot Trace The Misbehavior Client (CL) Even If It Double-time Deposits The Same Ticket.

FIREWALL ANOMALY - Detection And Resolution Of Anomalies In Firewall Policy

A Firewall Is A System Acting As An Interface Of A Network To One Or More External Networks. It Implements The Security Policy Of The Network By Deciding Which Packets To Let Through Based On Rules Defined By The Network Administrator. Any Error In Defining The Rules May Compromise The System Security By Letting Unwanted Traffic Pass Or Blocking Desired Traffic. Manual Definition Of Rules Often Results In A Set That Contains Conflicting, Redundant Or Overshadowed Rules, Resulting In Anomalies In The Policy. Manually Detecting And Resolving These Anomalies Is A Critical But Tedious And Error Prone Task. Existing Research On This Problem Have Been Focused On The Analysis And Detection Of The Anomalies In Firewall Policy. Previous Works Define The Possible Relations Between Rules And Also Define Anomalies In Terms Of The Relations And Present Algorithms To Detect The Anomalies By Analyzing The Rules. In This Paper, We Discuss Some Necessary Modifications To The Existing Definitions Of The Relations. We Present A New Algorithm That Will Simultaneously Detect And Resolve Any Anomaly Present In The Policy Rules By Necessary Reorder And Split Operations To Generate A New Anomaly Free Rule Set. We Also Present Proof Of Correctness Of The Algorithm. Then We Present An Algorithm To Merge Rules Where Possible In Order To Reduce The Number Of Rules And Hence Increase Efficiency Of The Firewall.

WATERMARK EMBEDDING- Secure Client-Side ST-DM Watermark Embedding

Client-side Watermark Embedding Systems Have Been Proposed As A Possible Solution For The Copyright Protection In Large-scale Content Distribution Environments. In This Framework, We Propose A New Look-up-table-based Secure Client-side Embedding Scheme Properly Designed For The Spread Transform Dither Modulation Watermarking Method. A Theoretical Analysis Of The Detector Performance Under The Most Known Attack Models Is Presented And The Agreement Between Theoretical And Experimental Results Verified Through Several Simulations. The Experimental Results Also Prove That The Advantages Of The Informed Embedding Technique In Comparison To The Spread-spectrum Watermarking Approach, Which Are Well Known In The Classical Embedding Schemes, Are Preserved In The Client-side Scenario. The Proposed Approach Permits Us To Successfully Combine The Security Of Client-side Embedding With The Robustness Of Informed Embedding Methods.

FAIR CONTRACT-SIGNING PROTOCOL - An Abuse-Free Fair Contract-Signing Protocol Based On The RSA Signature

A Fair Contract-signing Protocol Allows Two Potentially Mistrusted Parities To Exchange Their Commitments (i.e., Digital Signatures) To An Agreed Contract Over The Internet In A Fair Way, So That Either Each Of Them Obtains The Other's Signature, Or Neither Party Does. Based On The RSA Signature Scheme, A New Digital Contract-signing Protocol Is Proposed In This Paper. Like The Existing RSA-based Solutions For The Same Problem, Our Protocol Is Not Only Fair, But Also Optimistic, Since The Trusted Third Party Is Involved Only In The Situations Where One Party Is Cheating Or The Communication Channel Is Interrupted. Furthermore, The Proposed Protocol Satisfies A New Property- Abuse-freeness . That Is, If The Protocol Is Executed Unsuccessfully, None Of The Two Parties Can Show The Validity Of Intermediate Results To Others. Technical Details Are Provided To Analyze The Security And Performance Of The Proposed Protocol. In Summary, We Present The First Abuse-free Fair Contract-signing Protocol Based On The RSA Signature, And Show That It Is Both Secure And Efficient.

DETECTING SPAM ZOMBIES- Detecting Spam Zombies Using Sequential Probability Ratio Test

This Paper Presents A ‘Spam Zombie Detection’ System Which Is An Online System Over The Network That Detects The Spam And The Sender Of The Spam (zombie) Before The Receiver Receives It. Thus All The Detection Work Is Done At Sender Level Itself. This Paper Focuses On A Powerful Statistical Tool Called Sequential Probability Ratio Test, Which Has Bounded False Positive And False Negative Error Rates On Which The Spam Zombie Detection System Is Based. This System Is Mainly Implemented Over The Private Mailing System. It Also Provides The Enhanced Security Mechanism In Which, If The System Which Has Been Hacked I.e. It Has Become A Zombie, Then It Gets Blocked Within The Network.

PRIVATE KEY AGAINST MEMORY DISCLOSURE ATTACKS- Mimosa Protecting Private Keys Against Memory Disclosure Attacks Using Hardware Transactional Memory

Cryptography Is Essential For Computer And Network Security. When Cryptosystems Are Deployed In Computing Or Communication Systems, It Is Extremely Critical To Protect The Cryptographic Keys. In Practice, Keys Are Loaded Into The Memory As Plaintext During Cryptographic Computations. Therefore, The Keys Are Subject To Memory Disclosure Attacks That Read Unauthorized Data From RAM. Such Attacks Could Be Performed Through Software Exploitations, Such As OpenSSL Heartbleed, Even When The Integrity Of The Victim System's Binaries Is Maintained. They Could Also Be Done Through Physical Methods, Such As Cold-boot Attacks, Even If The System Is Free Of Software Vulnerabilities. This Paper Presents Mimosa, To Protect RSA Private Keys Against Both Software-based And Physical Memory Disclosure Attacks. Mimosa Uses Hardware Transactional Memory (HTM) To Ensure That (a) Whenever A Malicious Thread Other Than Mimosa Attempts To Read The Plaintext Private Key, The Transaction Aborts And All Sensitive Data Are Automatically Cleared With Hardware, Due To The Strong Atomicity Guarantee Of HTM; And (b) All Sensitive Data, Including Private Keys And Intermediate States, Appear As Plaintext Only Within CPU-bound Caches, And Are Never Loaded To RAM Chips. To The Best Of Our Knowledge, Mimosa Is The First Solution To Use Transactional Memory To Protect Sensitive Data Against Memory Attacks. However, The Fragility Of TSX Transactions Introduces Extra Cache-clogging Denial-of-service (DoS) Threats, And Attackers Could Sharply Degrade The Performance By Concurrent Memory-intensive Tasks. To Mitigate The DoS Threats, We Further Partition An RSA Private-key Computation Into Multiple Transactional Parts By Analyzing The Distribution Of Aborts, While (sensitive) Intermediate Results Are Still Protected Across Transactional Parts. Through Extensive Experiments, We Show That Mimosa Effectively Protects Cryptographic Keys Against Attacks That Attempt To Read Sensitive Data In Memory, And Introduces Only A Small Performance Overhead, Even With Concurrent Cache-clogging Workloads.

BI-MORPHING- A Bi-Directional Bursting Defense Against Website Fingerprinting Attacks

Network Traffic Analysis Has Been Increasingly Used In Various Applications To Either Protect Or Threaten People, Information, And Systems. Website Fingerprinting Is A Passive Traffic Analysis Attack Which Threatens Web Navigation Privacy. It Is A Set Of Techniques Used To Discover Patterns From A Sequence Of Network Packets Generated While A User Accesses Different Websites. Internet Users (such As Online Activists Or Journalists) May Wish To Hide Their Identity And Online Activity To Protect Their Privacy. Typically, An Anonymity Network Is Utilized For This Purpose. These Anonymity Networks Such As Tor (The Onion Router) Provide Layers Of Data Encryption Which Poses A Challenge To The Traffic Analysis Techniques. Although Various Defenses Have Been Proposed To Counteract This Passive Attack, They Have Been Penetrated By New Attacks That Proved The Ineffectiveness And/or Impracticality Of Such Defenses. In This Work, We Introduce A Novel Defense Algorithm To Counteract The Website Fingerprinting Attacks. The Proposed Defense Obfuscates Original Website Traffic Patterns Through The Use Of Double Sampling And Mathematical Optimization Techniques To Deform Packet Sequences And Destroy Traffic Flow Dependency Characteristics Used By Attackers To Identify Websites. We Evaluate Our Defense Against State-of-the-art Studies And Show Its Effectiveness With Minimal Overhead And Zero-delay Transmission To The Real Traffic.

FAULT DETECTION FILTER- Fault Detection Filter And Controller Co-Design For Unmanned Surface Vehicles Under DoS Attacks

This Paper Addresses The Co-design Problem Of A Fault Detection Filter And Controller For A Networked-based Unmanned Surface Vehicle (USV) System Subject To Communication Delays, External Disturbance, Faults, And Aperiodic Denial-of-service (DoS) Jamming Attacks. First, An Event-triggering Communication Scheme Is Proposed To Enhance The Efficiency Of Network Resource Utilization While Counteracting The Impact Of Aperiodic DoS Attacks On The USV Control System Performance. Second, An Event-based Switched USV Control System Is Presented To Account For The Simultaneous Presence Of Communication Delays, Disturbance, Faults, And DoS Jamming Attacks. Third, By Using The Piecewise Lyapunov Functional (PLF) Approach, Criteria For Exponential Stability Analysis And Co-design Of A Desired Observer-based Fault Detection Filter And An Event-triggered Controller Are Derived And Expressed In Terms Of Linear Matrix Inequalities (LMIs). Finally, The Simulation Results Verify The Effectiveness Of The Proposed Co-design Method. The Results Show That This Method Not Only Ensures The Safe And Stable Operation Of The USV But Also Reduces The Amount Of Data Transmissions.

Modeling And Detection Of Flooding-Based Denial-of-Service Attack In Wireless Ad Hoc Network Using Bayesian Inference

Wireless Ad Hoc Networks Are Widely Useful In Locations Where The Existing Infrastructure Is Difficult To Use, Especially During The Situations Like Flood, Earthquakes, And Other Natural Or Man-made Calamities. Lack Of Centralized Management And Absence Of Secure Boundaries Make These Networks Vulnerable To Various Types Of Attacks. Moreover, The Mobile Nodes Used In These Networks Have Limited Computational Capability, Memory, And Battery Backup. Flooding-based Denial-of-service (DoS) Attack, Which Results In Denial Of Sleep Attack, Targets The Mobile Node's Constrained Resources Which Results In Excess Consumption Of Battery Backup. In SYN Flooding-based DoS Attack, The Attacker Sends A Large Number Of Spoofed SYN Packets Which Not Only Overflow The Target Buffer But Also Creates Network Congestion. The Present Article Is Divided Into Three Parts: 1) Mathematical Modeling For SYN Traffic In The Network Using Bayesian Inference; 2) Proving The Equivalence Of Bayesian Inference With Exponential Weighted Moving Average; And 3) Developing An Efficient Algorithm For The Detection Of SYN Flooding Attack Using Bayesian Inference. Based On The Comprehensive Evaluation Using Mathematical Modeling And Simulation, The Proposed Method Can Successfully Defend Any Type Of Flooding-based DoS Attack In Wireless Ad Hoc Network With Higher Detection Accuracy And Extremely Lower False Detection Rate.

SQL INJECTION ATTACK - A Detection And Prevention Technique On SQL Injection Attacks

With The Web Advancements Are Rapidly Developing, The Greater Part Of Individuals Makes Their Transactions On Web, For Example, Searching Through Data, Banking, Shopping, Managing, Overseeing And Controlling Dam And Business Exchanges, Etc. Web Applications Have Gotten Fit To Numerous Individuals' Day By Day Lives Activities. Dangers Pertinent To Web Applications Have Expanded To Huge Development. Presently A Day, The More The Quantity Of Vulnerabilities Will Be Diminished, The More The Quantity Of Threats Become To Increment. Structured Query Language Injection Attack (SQLIA) Is One Of The Incredible Dangers Of Web Applications Threats. Lack Of Input Validation Vulnerabilities Where Cause To SQL Injection Attack On Web. SQLIA Is A Malicious Activity That Takes Negated SQL Statement To Misuse Data-driven Applications. This Vulnerability Admits An Attacker To Comply Crafted Input To Disclosure With The Application's Interaction With Back-end Databases. Therefore, The Attacker Can Gain Access To The Database By Inserting, Modifying Or Deleting Critical Information Without Legitimate Approval. The Paper Presents An Approach Which Detects A Query Token With Reserved Words-based Lexicon To Detect SQLIA. The Approach Consists Of Two Highlights: The First One Creates Lexicon And The Second Step Tokenizes The Input Query Statement And Each String Token Was Detected To Predefined Words Lexicon To Prevent SQLIA. In This Paper, Detection And Prevention Technologies Of SQL Injection Attacks Are Experimented And The Result Are Satisfactory.

INTERRUPTION DETECTION- Resourceful Interruption Detection With Blossom Filtering In Manager Area Networks

Due To Its Cost Efficiency The Controller Area Network (CAN) Is Still The Most Wide-spread In-vehicle Bus And The Numerous Reported Attacks Demonstrate The Urgency In Designing New Security Solutions For CAN. In This Work We Propose An Intrusion Detection Mechanism That Takes Advantage Of Bloom Filtering To Test Frame Periodicity Based On Message Identifiers And Parts Of The Data-field Which Facilitates Detection Of Potential Replay Or Modification Attacks. This Proves To Be An Effective Approach Since Most Of The Traffic From In-vehicle Buses Is Cyclic In Nature And The Format Of The Data-field Is Fixed Due To Rigid Signal Allocation. Bloom Filters Provide An Efficient Time-memory Tradeoff Which Is Beneficial For The Constrained Resources Of Automotive Grade Controllers. We Test The Correctness Of Our Approach And Obtain Good Results On An Industry-standard CANoe Based Simulation For A J1939 Commercial-vehicle Bus And Also On CAN-FD Traces Obtained From A Real-world High-end Vehicle. The Proposed Filtering Mechanism Is Straight-forward To Adapt For Any Other Time-triggered In-vehicle Bus, E.g., FlexRay, Since It Is Built On Time-driven Characteristics.

STEGANOGRAPHY TECHNIQUES- Hiding Data Using Efficient Combination Of RSA Cryptography And Compression Steganography Techniques

Data Compression Is An Important Part Of Information Security Because Compressed Data Is More Secure And Easy To Handle. Effective Data Compression Technology Creates Efficient, Secure, And Easy-to-connect Data. There Are Two Types Of Compression Algorithm Techniques, Lossy And Lossless. These Technologies Can Be Used In Any Data Format Such As Text, Audio, Video, Or Image File. The Main Objective Of This Study Was To Reduce The Physical Space On The Various Storage Media And Reduce The Time Of Sending Data Over The Internet With A Complete Guarantee Of Encrypting This Data And Hiding It From Intruders. Two Techniques Are Implemented, With Data Loss (Lossy) And Without Data Loss (Lossless). In The Proposed Paper A Hybrid Data Compression Algorithm Increases The Input Data To Be Encrypted By RSA (Rivest-Shamir-Adleman) Cryptography Method To Enhance The Security Level And It Can Be Used In Executing Lossy And Lossless Compacting Steganography Methods. This Technique Can Be Used To Decrease The Amount Of Every Transmitted Data Aiding Fast Transmission While Using Slow Internet Or Take A Small Space On Different Storage Media. The Plain Text Is Compressed By The Huffman Coding Algorithm, And Also The Cover Image Is Compressed By Discrete Wavelet Transform DWT Based That Compacts The Cover Image Through Lossy Compression In Order To Reduce The Cover Image's Dimensions. The Least Significant Bit LSB Will Then Be Used To Implant The Encrypted Data In The Compacted Cover Image. We Evaluated That System On Criteria Such As Percentage Savings Percentage, Compression Time, Compression Ratio, Bits Per Pixel, Mean Squared Error, Peak Signal To Noise Ratio, Structural Similarity Index, And Compression Speed. This System Shows A High-level Performance And System Methodology Compared To Other Systems That Use The Same Methodology.

PROFILE-BASED CLUSTER EVOLUTION ANALYSIS- Identification Of Migration Patterns For Understanding Student Learning Behavior

Educational Process Mining Is One Of The Research Domains That Utilizes Students' Learning Behavior To Match Students' Actual Courses Taken And The Designed Curriculum. While Most Works Attempt To Deal With The Case Perspective (i.e., Traces Of The Cases), The Temporal Case Perspective Has Not Been Discussed. The Temporal Case Perspective Aims To Understand The Temporal Patterns Of Cases (e.g., Students' Learning Behavior In A Semester). This Study Proposes Modified Cluster Evolution Analysis, Called Profile-based Cluster Evolution Analysis, For Students' Learning Behavior Based On Profiles. The Results Show Three Salient Features: (1) Cluster Generation; (2) Within-cluster Generation; And (3) Time-based Between-cluster Generation. The Cluster Evolution Phase Modifies The Existing Cluster Evolution Analysis With A Dynamic Profiler. The Model Was Tested On Actual Educational Data Of The Information System Department In Indonesia. The Results Showed The Learning Behavior Of Students Who Graduated On Time, The Learning Behavior Of Students Who Graduated Late, And The Learning Behavior Of Students Who Dropped Out. Students Changed Their Learning Behavior By Observing The Migration Of Students From Cluster To Cluster For Each Semester. Furthermore, There Were Distinct Learning Behavior Migration Patterns For Each Category Of Students Based On Their Performance. The Migration Pattern Can Suggest To Academic Stakeholders To Understand About Students Who Are Likely To Drop Out, Graduate On Time Or Graduate Late. These Results Can Be Used As Recommendations To Academic Stakeholders For Curriculum Assessment And Development And Dropout Prevention.

NETSPAM- Spam Review Detection Using The Linguistic And Spammer Behavioral Methods

Online Reviews Regarding Different Products Or Services Have Become The Main Source To Determine Public Opinions. Consequently, Manufacturers And Sellers Are Extremely Concerned With Customer Reviews As These Have A Direct Impact On Their Businesses. Unfortunately, To Gain Profits Or Fame, Spam Reviews Are Written To Promote Or Demote Targeted Products Or Services. This Practice Is Known As Review Spamming. In Recent Years, The Spam Review Detection Problem Has Gained Much Attention From Communities And Researchers, But Still There Is A Need To Perform Experiments On Real-world Large-scale Review Datasets. This Can Help To Analyze The Impact Of Widespread Opinion Spam In Online Reviews. In This Work, Two Different Spam Review Detection Methods Have Been Proposed: (1) Spam Review Detection Using Behavioral Method (SRD-BM) Utilizes Thirteen Different Spammer's Behavioral Features To Calculate The Review Spam Score Which Is Then Used To Identify Spammers And Spam Reviews, And (2) Spam Review Detection Using Linguistic Method (SRD-LM) Works On The Content Of The Reviews And Utilizes Transformation, Feature Selection And Classification To Identify The Spam Reviews. Experimental Evaluations Are Conducted On A Real-world Amazon Review Dataset Which Analyze 26.7 Million Reviews And 15.4 Million Reviewers. The Evaluations Show That Both Proposed Models Have Significantly Improved The Detection Process Of Spam Reviews. Specifically, SRD-BM Achieved 93.1% Accuracy Whereas SRD-LM Achieved 88.5% Accuracy In Spam Review Detection. Comparatively, SRD-BM Achieved Better Accuracy Because It Works On Utilizing Rich Set Of Spammers Behavioral Features Of Review Dataset Which Provides In-depth Analysis Of Spammer Behaviour. Moreover, Both Proposed Models Outperformed Existing Approaches When Compared In Terms Of Accurate Identification Of Spam Reviews. To The Best Of Our Knowledge, This Is The First Study Of Its Kind Which Uses Large-scale Review Dataset To Analyze Different Spammers' Behavioral Features And Linguistic Method Utilizing Different Available Classifiers.

DEEP REPRESENTATION BASED FEATURE EXTRACTION AND RECOVERING- Efficient Finger Vein Technology Based On Fast Binary Robust Independent Elementary Feature Combined With Multi-Image Quality Assessment Verification

Finger-vein Biometrics Has Been Extensively Investigated For Personal Verification. Despite Recent Advances In Fingervein Verification, Current Solutions Completely Depend On Domain Knowledge And Still Lack The Robustness To Extract Finger-vein Features From Raw Images. This Paper Proposes A Deep Learning Model To Extract And Recover Vein Features Using Limited A Priori Knowledge. Firstly, Based On A Combination Of Known State Of The Art Handcrafted Finger-vein Image Segmentation Techniques, We Automatically Identify Two Regions: A Clear Region With High Separability Between Finger-vein Patterns And Background, And An Ambiguous Region With Low Separability Between Them. The First Is Associated With Pixels On Which All The Segmentation Techniques Above Assign The Same Segmentation Label (either Foreground Or Background), While The Second Corresponds To All The Remaining Pixels. This Scheme Is Used To Automatically Discard The Ambiguous Region And To Label The Pixels Of The Clear Region As Foreground Or Background. A Training Dataset Is Constructed Based On The Patches Centered On The Labeled Pixels. Secondly, A Convolutional Neural Network (CNN) Is Trained On The Resulting Dataset To Predict The Probability Of Each Pixel Of Being Foreground (i.e. Vein Pixel) Given A Patch Centered On It. The CNN Learns What A Fingervein Pattern Is By Learning The Difference Between Vein Patterns And Background Ones. The Pixels In Any Region Of A Test Image Can Then Be Classified Effectively. Thirdly, We Propose Another New And Original Contribution By Developing And Investigating A Fully Convolutional Network (FCN) To Recover Missing Fingervein Patterns In The Segmented Image. The Experimental Results On Two Public Finger-vein Databases Show A Significant Improvement In Terms Of Finger-vein Verification Accuracy.

OUTSOURCED DATA STREAMS UNDER MULTIPLE KEYS- KV-Fresh Freshness Authentication For Outsourced Multi-Version Key-Value Stores

Data Outsourcing Is A Promising Technical Paradigm To Facilitate Cost-effective Real-time Data Storage, Processing, And Dissemination. In Such A System, A Data Owner Proactively Pushes A Stream Of Data Records To A Third-party Cloud Server For Storage, Which In Turn Processes Various Types Of Queries From End Users On The Data Owner’s Behalf. This Paper Considers Outsourced Multi-version Key-value Stores That Have Gained Increasing Popularity In Recent Years, Where A Critical Security Challenge Is To Ensure That The Cloud Server Returns Both Authentic And Fresh Data In Response To End Users’ Queries. Despite Several Recent Attempts On Authenticating Data Freshness In Outsourced Key-value Stores, They Either Incur Excessively High Communication Cost Or Can Only Offer Very Limited Real-time Guarantee. To Fill This Gap, This Paper Introduces KV-Fresh, A Novel Freshness Authentication Scheme For Outsourced Key-value Stores That Offers Strong Real-time Guarantee. KV-Fresh Is Designed Based On A Novel Data Structure, Linked Key Span Merkle Hash Tree, Which Enables Highly Efficient Freshness Proof By Embedding Chaining Relationship Among Records Generated At Different Time. Detailed Simulation Studies Using A Synthetic Dataset Generated From Real Data Confirm The Efficacy And Efficiency Of KV-Fresh.

MAJORITY VOTING AND PARING- Majority Voting And Paring With Multiple Noisy Labeling

With The Crowdsourcing Of Small Tasks Becoming Easier, It Is Possible To Obtain Non-expert/imperfect Labels At Low Cost. With Low-cost Imperfect Labeling, It Is Straightforward To Collect Multiple Labels For The Same Data Items. This Paper Proposes Strategies Of Utilizing These Multiple Labels For Supervised Learning, Based On Two Basic Ideas: Majority Voting And Pairing. We Show Several Interesting Results Based On Our Experiments. (i) The Strategies Based On The Majority Voting Idea Work Well Under The Situation Where The Certainty Level Is High. (ii) On The Contrary, The Pairing Strategies Are More Preferable Under The Situation Where The Certainty Level Is Low. (iii) Among The Majority Voting Strategies, Soft Majority Voting Can Reduce The Bias And Roughness, And Perform Better Than Majority Voting. (iv) Pairing Can Completely Avoid The Bias By Having Both Sides (potentially Correct And Incorrect/noisy Information) Considered. Beta Estimation Is Applied To Reduce The Impact Of The Noise In Pairing. Our Experimental Results Show That Pairing With Beta Estimation Always Performs Well Under Different Certainty Levels. (v) All Strategies Investigated Are Labeling Quality Agnostic Strategies For Real-world Applications, And Some Of Them Perform Better Than Or At Least Very Close To The Gnostic Strategies.

ONLINE VOTING SYSTEM WITH RELIABLE VOTER- Online Voting System With Reliable Voter Authentication Protocol

A Detailed And Critical Analysis Was Done On Manual And E-voting Systems Implemented. These Systems Exhibited Weaknesses Of Unreliable Protocols, Denial Of Service Attacks Hence The Need To Implement The Public-key Encryption E-voting System. Using Makerere University As A Case Study, The Major Aim Of The Public-key Encryption E-voting System Is To Assure Reliability And Security Of The Protocol Hence Guaranteeing Voting Convenience. Interviews And Document Review Were Used To Determine Inputs, Processes And Outputs. As A Result Of The Requirements Specification, The System Was Summarized Into Three Processes: Access Control Process Which Involves Identification And Authentication Phases For Eligible Voters. Secondly, The Voting Process Was Done By Encrypting Voter's Electronic Ballot Before Submitting To The Server. Finally, The Final Result Was Sorted Through Deciphering The Received Encrypted Information. The System Is More Efficient Than Other E-Voting Systems Since Voters Can Vote From Their Devices Without Extra Cost And Effort, And Encryption Ensures The Security.