Among the LTE-A communication techniques, Device-to-Device (D2D) communication which is defined to directly route data traffic between spatially closely located mobile user equipments (UEs), holds ...great promise in improving energy efficiency, throughput, delay, as well as spectrum efficiency. As a combination of ad-hoc and centralized communication mechanisms, D2D communication enables researchers to merge together the long-term development achievements in previously disjoint domains of ad-hoc networking and centralized networking. To help researchers to have a systematic understanding of the emerging D2D communication, we provide in this paper a comprehensive survey of available D2D related research works ranging from technical papers to experimental prototypes to standard activities, and outline some open research problems which deserve further studies.
The notion of verifiable database (VDB) enables a resource-constrained client to securely outsource a very large database to an untrusted server so that it could later retrieve a database record and ...update a record by assigning a new value. Also, any attempt by the server to tamper with the data will be detected by the client. When the database undergoes frequent while small modifications, the client must re-compute and update the encrypted version (ciphertext) on the server at all times. For very large data, it is extremely expensive for the resources-constrained client to perform both operations from scratch. In this paper, we formalize the notion of verifiable database with incremental updates (Inc-VDB). Besides, we propose a general Inc-VDB framework by incorporating the primitive of vector commitment and the encrypt-then-incremental MAC mode of encryption. We also present a concrete Inc-VDB scheme based on the computational Diffie-Hellman (CDH) assumption. Furthermore, we prove that our construction can achieve the desired security properties.
Wireless sensor networks (WSNs) will be integrated into the future Internet as one of the components of the Internet of Things, and will become globally addressable by any entity connected to the ...Internet. Despite the great potential of this integration, it also brings new threats, such as the exposure of sensor nodes to attacks originating from the Internet. In this context, lightweight authentication and key agreement protocols must be in place to enable end-to-end secure communication. Recently, Amin et al. proposed a three-factor mutual authentication protocol for WSNs. However, we identified several flaws in their protocol. We found that their protocol suffers from smart card loss attack where the user identity and password can be guessed using offline brute force techniques. Moreover, the protocol suffers from known session-specific temporary information attack, which leads to the disclosure of session keys in other sessions. Furthermore, the protocol is vulnerable to tracking attack and fails to fulfill user untraceability. To address these deficiencies, we present a lightweight and secure user authentication protocol based on the Rabin cryptosystem, which has the characteristic of computational asymmetry. We conduct a formal verification of our proposed protocol using ProVerif in order to demonstrate that our scheme fulfills the required security properties. We also present a comprehensive heuristic security analysis to show that our protocol is secure against all the possible attacks and provides the desired security features. The results we obtained show that our new protocol is a secure and lightweight solution for authentication and key agreement for Internet-integrated WSNs.
With the rapid development of cloud services, the techniques for securely outsourcing the prohibitively expensive computations to untrusted servers are getting more and more attention in the ...scientific community. Exponentiations modulo a large prime have been considered the most expensive operations in discrete-logarithm-based cryptographic protocols, and they may be burdensome for the resource-limited devices such as RFID tags or smartcards. Therefore, it is important to present an efficient method to securely outsource such operations to (untrusted) cloud servers. In this paper, we propose a new secure outsourcing algorithm for (variable-exponent, variable-base) exponentiation modulo a prime in the two untrusted program model. Compared with the state-of-the-art algorithm, the proposed algorithm is superior in both efficiency and checkability. Based on this algorithm, we show how to achieve outsource-secure Cramer-Shoup encryptions and Schnorr signatures. We then propose the first efficient outsource-secure algorithm for simultaneous modular exponentiations. Finally, we provide the experimental evaluation that demonstrates the efficiency and effectiveness of the proposed outsourcing algorithms and schemes.
The advent of the cloud computing makes storage outsourcing become a rising trend, which promotes the secure remote data auditing a hot topic that appeared in the research literature. Recently some ...research consider the problem of secure and efficient public data integrity auditing for shared dynamic data. However, these schemes are still not secure against the collusion of cloud storage server and revoked group users during user revocation in practical cloud storage system. In this paper, we figure out the collusion attack in the exiting scheme and provide an efficient public integrity auditing scheme with secure group user revocation based on vector commitment and verifier-local revocation group signature. We design a concrete scheme based on the our scheme definition. Our scheme supports the public checking and efficient user revocation and also some nice properties, such as confidently, efficiency, countability and traceability of secure group user revocation. Finally, the security and experimental analysis show that, compared with its relevant schemes our scheme is also secure and efficient.
Android malware severely threaten system and user security in terms of privilege escalation, remote control, tariff theft, and privacy leakage. Therefore, it is of great importance and necessity to ...detect Android malware. In this paper, we present a combination method for Android malware detection based on the machine learning algorithm. First, we construct the control flow graph of the application to obtain API information. Based on the API information, we innovatively construct Boolean, frequency, and time-series data sets. Based on these three data sets, three detection models for Android malware detection regarding API calls, API frequency, and API sequence aspects are constructed. Ultimately, an ensemble model is constructed for conformity. We tested and compared the accuracy and stability of our detection models through a large number of experiments. The experiments were conducted on 10010 benign applications and 10683 malicious applications. The results show that our detection model achieves 98.98% detection precision and has high accuracy and stability. All of the results are consistent with the theoretical analysis in this paper.
Clinical decision support system, which uses advanced data mining techniques to help clinician make proper decisions, has received considerable attention recently. The advantages of clinical decision ...support system include not only improving diagnosis accuracy but also reducing diagnosis time. Specifically, with large amounts of clinical data generated everyday, naïve Bayesian classification can be utilized to excavate valuable information to improve a clinical decision support system. Although the clinical decision support system is quite promising, the flourish of the system still faces many challenges including information security and privacy concerns. In this paper, we propose a new privacy-preserving patient-centric clinical decision support system, which helps clinician complementary to diagnose the risk of patients' disease in a privacy-preserving way. In the proposed system, the past patients' historical data are stored in cloud and can be used to train the naïve Bayesian classifier without leaking any individual patient medical data, and then the trained classifier can be applied to compute the disease risk for new coming patients and also allow these patients to retrieve the top-k disease names according to their own preferences. Specifically, to protect the privacy of past patients' historical data, a new cryptographic tool called additive homomorphic proxy aggregation scheme is designed. Moreover, to leverage the leakage of naïve Bayesian classifier, we introduce a privacy-preserving top-k disease names retrieval protocol in our system. Detailed privacy analysis ensures that patient's information is private and will not be leaked out during the disease diagnosis phase. In addition, performance evaluation via extensive simulations also demonstrates that our system can efficiently calculate patient's disease risk with high accuracy in a privacy-preserving way.
A dynamic group key is required for secure communication in the Unmanned Aerial Vehicles Ad-Hoc Network (UAANET). However, due to the unreliable wireless channel and high-dynamic topology of UAANET, ...the situation that a node is missing certain group key broadcast messages occurs frequently. Existing group key distribution schemes cannot be directly applied to the UAANET, because of their poor security or real-time. Therefore, we present a mutual-healing group key distribution scheme based on the blockchain. Firstly, the Ground Control Station (GCS) builds a private blockchain where the group keys distributed by GCS are recorded. Meanwhile, through the blockchain, a dynamic list of UAANET membership certificates is also managed. According to different attack models, a basic mutual-healing protocol and an enhanced one are designed based on the Longest-Lost-Chain mechanism to recover the node's lost group keys with the aid of its neighbors. Security analysis and extensive experiments show that, compared with the existing mutual-healing schemes, our proposed solution can effectively resist various attacks with small overhead on time and storage.
Mg doped CuO–Fe2O3 composites were hydrothermally synthesized and characterized by powder X-ray diffraction (XRD), scanning electron microscopy (SEM) and Raman spectroscopy. Mg doping improved the ...catalytic performance of CuO–Fe2O3 for phenol degradation as the removal efficiency of phenol (33 mg/L) reached up to 84.36% within 45 min using 3.2% Mg doped CuO–Fe2O3 when coupled with persulfate (PS) system. The results revealed that Mg doping generated more defects (oxygen vacancies), which result in the generation of more active species during the degradation process. The influence of catalysts and PS dosages were investigated to obtain the optimum conditions. The effects of pH and dissolved oxygen were also evaluated. Increase of solution pH was found to be beneficial for the removal of phenol because of reduced copper leaching at higher pH. However, decrease in dissolved oxygen concentration retarded the degradation of phenol because of the reduced production of O2•-. Based on the quenching experiments and ESR experiments, 1O2, O2•-, ·OH and ·SO4− were confirmed as the active species in the phenol degradation process and a phenol degradation pathway was proposed. Other contaminants such as nitrobenzene (NB), P-nitrophenol (PNP) and P-Chlorophenol (4-CP) could also be removed to some extent using the present catalyst system.
Display omitted
•Mg doping improved the catalytic phenol degradation of CuO–Fe2O3.•1O2, O2.•-, ·OH and ·SO4− were confirmed as the active species in phenol degradation•Nitrobenzene, P-nitrophenol and P-Chlorophenol were removed by Mg-doped CuO–Fe2O3.
With the popularity of Android smartphones, malicious applications targeted Android platform have explosively increased. Proposing effective Android malware detection method for preventing the spread ...of malware has become an emerging issue. Various features extracted through static and dynamic analysis in conjunction with machine learning algorithm have been the mainstream in large-scale malware identification. In general, static analysis becomes invalid in detecting applications which adopt sophisticated obfuscation techniques like encryption or dynamic code loading. However, dynamic analysis is suitable to deal with these evasion techniques. In this paper, we propose an effective dynamic analysis framework, called EnDroid, in the aim of implementing highly precise malware detection based on multiple types of dynamic behavior features. These features cover system-level behavior trace and common application-level malicious behaviors like personal information stealing, premium service subscription, and malicious service communication. In addition, EnDroid adopts feature selection algorithm to remove noisy or irrelevant features and extracts critical behavior features. Extracting behavior features through runtime monitor, EnDroid is able to distinguish malicious from benign applications with ensemble learning algorithm. Through experiments, we prove the effectiveness of EnDroid on two datasets. Furthermore, we find Stacking achieves the best classification performance and is promising in Android malware detection.