This abstract presents a hierarchical Account aided Reputation Management system (ARM) to efficiently and effectively provide cooperation incentives. ARM builds a hierarchical locality aware distributed hash table (DHT) infrastructure for efficient and integrated operation of both reputation and price systems. The infrastructure helps to globally collect all node reputation information in the system, which can […]
PRIVACY-PRESERVING ALGORITHMS FOR DETERMINING AN OPTIMAL MEETING LOCATION FOR MOBILE DEVICES
Privacy of a user’s location or location preferences, with respect to other users and the third-party service provider, is a critical concern in such location-sharing-based applications. Equipped with state-of-the-art smart phones and mobile devices, today’s highly interconnected urban population is increasingly dependent on these gadgets to organize and plan their daily lives. These applications often […]
OPTIMAL MEETING LOCATION DETERMINATION ON MOBILE DEVICES FOR PRIVACY
Smartphone technology in urban communities has enabled mobile users to utilize context-aware services on their devices. Service providers take advantage of this dynamic and ever-growing technology landscape by proposing innovative context-dependent services for mobile subscribers. Location-based Services (LBS), for example, are used by millions of mobile subscribers every day to obtain location-specific information. In this […]
HARD AI PROBLEMS BASED CAPTCHA AS GRAPHICAL PASSWORDS SECURITY PRIMITIVE
In this abstract, we introduce a new security primitive based on hard AI problems, namely, a novel family of graphical pass-word systems integrating Captcha technology, which we call CaRP (Captcha as gRaphical Passwords). CaRP is click-based graphical passwords, where a sequence of clicks on an image is used to derive a password. Unlike other click-based […]
TRUSTEE-BASED SOCIAL AUTHENTICATIONS SYSTEMS FOR SECURITY
In this abstract, we aim to provide systematic study about the security of trustee-based social authentications. To this end, we first propose a novel framework of attacks that are based on the observation that users’ security are correlated in trustee-based social authentications. In these attacks, an attacker initially obtains a small number of compromised users […]
SECURITY OF TRUSTEE-BASED SOCIAL AUTHENTICATIONS AGAINST FOREST FIRE ATTACK
Trustee-based social authentication has attracted increasing attentions and has been shown to be a promising backup authentication mechanism . Specifically, a user’s security in trustee-based social authentications relies on the security of his or her trustees; if all trustees of a user are already compromised, then the attacker can also compromise him or her because […]
SECURE TWO-PARTY DIFFERENTIALLY PRIVATE DATA RELEASE IN THE SEMIHONEST ADVERSARY MODEL FOR VERTICALLY PARTITIONED DATA
In this abstract, we propose an algorithm to securely integrate person-specific sensitive data from two data providers, whereby the integrated data still retain the essential information for supporting data mining tasks. Privacy-preserving data publishing addresses the problem of disclosing sensitive data when mining for useful information. Among the existing privacy models, differential privacy provides one […]
DIFFERENTIALLY PRIVATE DATA RELEASE FOR VERTICALLY PARTITIONED DATA BETWEEN TWO PARTIES
In this abstract, we present an algorithm for differentially private data release for vertically partitioned data between two parties. Additionally, the proposed algorithm satisfies the security definition of the semi honest adversary model. In this model, parties follow the algorithm but may try to deduce additional information from the received messages. Therefore, at any time […]
RISK OF UNKNOWN VULNERABILITIES MEASUREMENT USING K-ZERO DAY SAFETY
This metric then simply counts how many zero-day vulnerabilities are required to compromise a network asset. A larger count will indicate a relatively more secure network, because the likelihood of having more unknown vulnerabilities all available at the same time, applicable to the same network, and exploitable by the same attacker, will be lower. It […]
MEASURING THE RISK OF UNKNOWN VULNERABILITIES USING K-ZERO DAY SAFETY NETWORK SECURITY METRICS
we propose a novel network security metric, k-zero day safety, to address this issue. Roughly speaking, instead of attempting to measure which un-known vulnerabilities are more likely to exist, we start with the worst case assumption that this is not measurable. Our metric then simply counts how many zero-day vulnerabilities are required to compromise a […]