Research Article
Hossein Oraei; Massoud Hadian
Abstract
Digital signature schemes are used to guarantee for non-repudiation and authenticity of any kind of data like documents, messages or software. The Winternitz one-time signature (WOTS) scheme, which can be described using a certain number of so-called function chains, plays an important role in the designof ...
Read More
Digital signature schemes are used to guarantee for non-repudiation and authenticity of any kind of data like documents, messages or software. The Winternitz one-time signature (WOTS) scheme, which can be described using a certain number of so-called function chains, plays an important role in the designof both stateless and stateful many-time signature schemes. The main idea ofWOTS scheme is the use of a limited number of function chains, all of whichbegin at some random values. This work introduces WOTS-GES, a new WOTStype signature scheme in which the need for computing all of the intermediatevalues of the chains is eliminated. More precisely, to compute each algorithmof the proposed scheme, we only need to calculate one intermediate value. Thissignificantly reduces the number of required operations needed to calculate thealgorithms of WOTS-GES. To achieve this results, we have used the concept ofleveled multilinear maps which is also referred to as graded encoding schemes.We expect these results to increase the efficiency of Winternitz based digital signature schemes.
Research Article
Seyed Behnam Andarzian; Behrouz Tork Ladani
Abstract
Most of the current research on static analysis of Android applications for security vetting either work on Java source code or the Dalvik bytecode. Nevertheless, Android allows developers to use C or C++ code in their programs that is compiled into various binary architectures. Moreover, Java and the ...
Read More
Most of the current research on static analysis of Android applications for security vetting either work on Java source code or the Dalvik bytecode. Nevertheless, Android allows developers to use C or C++ code in their programs that is compiled into various binary architectures. Moreover, Java and the native code components (C or C++) can collaborate with each other using Java Native Interface. Recent research shows that native codes are frequently used in both benign and malicious Android applications. Most of the present Android static analysis tools avert considering native codes in their analysis and applied trivial models for their data-flow analysis. As we know only the open source JN-SAF tool has tried to solve this issue statically. However, there are still challenges like libC functions and multi-threading in native codes that we want to address in this work. We presented SANT as an extension of JN-SAF for supporting Static Analysis of Native Threads. We considered modeling libC functions in our data-flow analysis to have a more precise analysis when dealing with security vetting of native codes. We also used control flow and data dependence graphs in SANT to handle multiple concurrent threads and find implicit data-flow between them. Our experiments show that the conducted improvements outperforms JN-SAF in real-world benchmark applications.
Research Article
Farnoush Manavi; Ali Hamzeh
Abstract
With the spread of information technology in human life, data protection is a critical task. On the other hand, malicious programs are developed, which can manipulate sensitive and critical data and restrict access to this data. Ransomware is an example of such a malicious program that encrypts data, ...
Read More
With the spread of information technology in human life, data protection is a critical task. On the other hand, malicious programs are developed, which can manipulate sensitive and critical data and restrict access to this data. Ransomware is an example of such a malicious program that encrypts data, restricts users' access to the system or their data, and then request a ransom payment. Many types of research have been proposed for ransomware detection. Most of these methods attempt to identify ransomware by relying on program behavior during execution. The main weakness of these methods is that it is not explicit how long the program should be monitored to show its real behavior. Therefore, sometimes, these researches cannot detect ransomware early. In this paper, a new method for ransomware detection is proposed that does not need executing the program and uses the PE header of the executable file. To extract effective features from the PE header file, an image is constructed based on PE header. Then, according to the advantages of Convolutional Neural Networks in extracting features from images and classifying them, CNN is used. The proposed method achieves high detection rates. Our results indicate the usefulness and practicality of our method for ransomware detection.
Research Article
Mohammad Erfan Mazaheri; Siavash Bayat Sarmadi; Farhad Taheri Ardakani
Abstract
Side-channel attacks are a group of powerful attacks in hardware security that exploit the deficiencies in the implementation of systems. Timing side-channel attacks are one of the main side-channel attack categories that use the time difference of running an operation in different states. Many powerful ...
Read More
Side-channel attacks are a group of powerful attacks in hardware security that exploit the deficiencies in the implementation of systems. Timing side-channel attacks are one of the main side-channel attack categories that use the time difference of running an operation in different states. Many powerful attacks can be classified into this type of attack, including cache attacks. The limitation of these attacks is the need to run the spy program on the victim's system. Various studies have tried to overcome this limitation by implementing these attacks remotely on JavaScript and WebAssembly. This paper provides the first comprehensive evaluation of timing side-channel attacks on JavaScript and investigates challenges and countermeasures to overcome these attacks. Moreover, by investigating the countermeasures and their strengths and weaknesses, we introduce a detection-based approach, called Lurking Eyes. Our approach has the least reduction in the performance of JavaScript and WebAssembly. The evaluation results show that the Lurking eyes have an accuracy of 0.998, precision of 0.983, and F-measure of 0.983. Considering these values and no limitations, this method can be introduced as an effective way to counter timing side-channel attacks on JavaScript and WebAssembly. Also, we provide a new accurate timer, named Eagle timer, based on WebAssembly memory for implementing these attacks.
Technical Paper
Farshideh Kordi; Hamed Hosseintalaee; Ali Jahanian
Abstract
The template attack is one of the most efficient attacks for exploiting the secret key. Template-based attack extracts a model forthe behavior of side channel information from a device which is similar to the target device and then uses this model to retrievethe correct key on the target victim device. ...
Read More
The template attack is one of the most efficient attacks for exploiting the secret key. Template-based attack extracts a model forthe behavior of side channel information from a device which is similar to the target device and then uses this model to retrievethe correct key on the target victim device. Until now, many researchers have focused on improving the performance of templateattacks ,but recently, a few countermeasures have been proposed to protect the design against these attacks. On the other hand,researches show that regular countermeasures against these attacks are costly. Randomized shuffling in the time domain is knownas a cost-effective countermeasure against side-channel attacks that are widely used. In this article, we implemented an actualtemplate attack and proposed an efficient countermeasure against it.We focus on the time shifting method against template attack.The results show that template attack is very susceptible to this method. The performance of attack on an AES algorithm isconsiderably reduced with this method. We reported the analysis results of our countermeasure. The performance of the attackcan be determined according to various criteria. One of these criteria is the success rate of the attack. According to these results,template attack will be hardened significantly after the proposed protection such that the grade of the key recovery increases from1 with 350K traces in unprotected design to 2100 with 700K traces in the protected circuit. This security improvement gains in thecost of about 7% delay overhead.
Research Article
Mahdieh Ebrahimi; Majid Bayat; Behnam Zahednejad
Abstract
The medical system remains among the fastest to adopt the Internet of Things. The reason for this trend is that integration Internet of Things(IoT) features into medical devices greatly improve the quality and effectiveness of service. However, there are many unsolved security problems. Due to medical ...
Read More
The medical system remains among the fastest to adopt the Internet of Things. The reason for this trend is that integration Internet of Things(IoT) features into medical devices greatly improve the quality and effectiveness of service. However, there are many unsolved security problems. Due to medical information is critical and important, authentication between users and medical servers is an essential issue. Recently, Park et al. proposed an authentication scheme using Shamir's threshold technique for IoT-based medical information system and claimed that their scheme satisfies all security requirements and is immune to various types of attacks. However, in this paper, we show that Park et al.'s scheme does not achieve user anonymity, forward security, and mutual authentication and it is not resistant to the DoS attacks and then we introduce an improved mutual authentication scheme based on Elliptic Curve Cryptography (ECC) and Shamir 's secret sharing for IoT-based medical information system.In this paper, we formally analyze the security properties of our scheme via the ProVerif. Moreover, we compare our proposed scheme with other related schemes in terms of security and performance.
Research Article
Saeed Banaeian Far; Maryam Rajabzadeh Assar
Abstract
A certificateless (CL) signcryption scheme is a cryptographic primitive that provides user authentication and message confidentiality at the same time. CL signcryption schemes (as a type of certificateless encryption scheme) have solved problems concerning malicious server presentation, and the server ...
Read More
A certificateless (CL) signcryption scheme is a cryptographic primitive that provides user authentication and message confidentiality at the same time. CL signcryption schemes (as a type of certificateless encryption scheme) have solved problems concerning malicious server presentation, and the server who issues users' partial private keys and certificates cannot obtain users' signing keys. Therefore, the CL signcryption scheme is an excellent choice for protecting users' signing keys and providing user authentication and message confidentiality. Moreover, signcryption schemes have lower computational costs than signature and encryption schemes. The present study presents a short and efficient CL signcryption scheme based on the hyperelliptic curve (HC). Applying HC as the calculation base for designing the presented CL signcryption scheme reduces key-length from 160 bits to 80. The presented CL signcryption scheme is shorter than other recently-proposed ones with regard to communication overhead with its less than one-third shorter length compared to the shortest of the others. Moreover, it is more efficient than other recently-proposed CL signcryption schemes in the user-side computational cost, including the \textit{key generation} and \textit{user key generation} phases that have been halved in total. Finally, the security of the presented CL signcryption scheme was analyzed in the random oracle (RO) model based on the hardness of the point factorization problem (PFP) on HC.
Research Article
Mitra Alidoosti; Alireza Nowroozi; Ahmad Nickabadi
Abstract
Parallel execution of multiple threads of a web application will result in server-side races if the web application is not synchronized correctly. Server-side race is susceptible to flaws in the relation between the server and the database. Detecting the race condition in the web applications depends ...
Read More
Parallel execution of multiple threads of a web application will result in server-side races if the web application is not synchronized correctly. Server-side race is susceptible to flaws in the relation between the server and the database. Detecting the race condition in the web applications depends on the business logic of the application. No logic-aware approach has been presented to deal with race conditions. Furthermore, most existing approaches either result in DoS or are not applicable with false positive. In this study, the session puzzling race conditions existing in a web application are classified and described. In addition, we present Business-Layer Session Puzzling Racer, a black-box approach for dynamic application security testing, to detect the business-layer vulnerability of the application against session puzzling race conditions. Experiments on well-known and widely used web applications showed that Business-Layer Session Puzzling Racer is able to detect the business layer vulnerabilities of these applications against race conditions. In addition, the amount of traffic generated to identify the vulnerabilities has been improved by about 94.38% by identifying the business layer of the application. Thus, Business-Layer Session Puzzling Racer does not result in DoS.
Research Article
Mahdieh Abazar; Peyman Masjedi; Mohammad Taheri
Abstract
Steganalysis is an interesting classification problem to discriminate the images, including hidden messages from the clean ones. There are many methods, including deep CNN networks, to extract fine features for this classification task. Also, some researches have been conducted to improve the final classifier. ...
Read More
Steganalysis is an interesting classification problem to discriminate the images, including hidden messages from the clean ones. There are many methods, including deep CNN networks, to extract fine features for this classification task. Also, some researches have been conducted to improve the final classifier. Some state-of-the-art methods use ensemble of networks by a voting strategy to achieve more stable performance. In this paper, a selection phase is proposed to filter improper networks before any voting. This filtering is done by a binary relevance multi-label classification approach. Xu-Net and ResT-Net, the most famous state-of-the-art Steganalysis ensemble models, are considered as the base networks for feature extraction. The Logistic Regression (LR) is chosen here as the last layer of the networks for classification. One large-margin Fisher's linear discriminant (FLD) classifier is trained for each one of the networks to measure its suitability in classifying the query image. The proposed method with different approaches is applied on the BOSSbase dataset and compared to traditional voting and some state-of-the-art related ensemble techniques. The results show significant accuracy improvement of the proposed method in comparison with others.