Research Article
Danial Shiraly; Nasrollah Pakniat; Ziba Eslami
Abstract
Public key encryption with keyword search (PEKS) is a cryptographic primitive designed for performing secure search operations over encrypted data stored on untrusted cloud servers. However, in some applications of cloud computing, there is a hierarchical access-privilege setup among users so that upper-level ...
Read More
Public key encryption with keyword search (PEKS) is a cryptographic primitive designed for performing secure search operations over encrypted data stored on untrusted cloud servers. However, in some applications of cloud computing, there is a hierarchical access-privilege setup among users so that upper-level users should be able to monitor data used by lower-level ones in the hierarchy. To support such situations, Wang et al. introduced the notion of hierarchical ID-based searchable encryption. However, Wang et al.'s construction suffers from a serious security problem. To provide a PEKS scheme that securely supports hierarchical structures, Li et al. introduced the notion of hierarchical public key encryption with keyword search (HPEKS). However, Li et al.'s HPEKS scheme is established on traditional public key infrastructure (PKI) which suffers from costly certificate management problem. To address these issues, in this paper, we consider designated-server HPEKS in identity-based setting. We introduce the notion of designated-server hierarchical identity-based searchable encryption (dHIBSE) and provide a formal definition of its security model. We then propose a dHIBSE scheme and prove its security under our model. Finally, we provide performance analysis as well as comparisons with related schemes to show the overall superiority of our dHIBSE scheme.
Research Article
Hadi Aghaee; Bahareh Akhbari
Abstract
In this paper, we want to investigate classical-quantum multiple access wiretap channels (CQ-MA-WTC) under one-shot setting. In this regard, we analyze the CQ-MA-WTC using a simultaneous position-based decoder for reliable decoding and using a newly introduced technique to decode securely. Also, for ...
Read More
In this paper, we want to investigate classical-quantum multiple access wiretap channels (CQ-MA-WTC) under one-shot setting. In this regard, we analyze the CQ-MA-WTC using a simultaneous position-based decoder for reliable decoding and using a newly introduced technique to decode securely. Also, for the sake of comparison, we analyze the CQ-MA-WTC using Sen’s one-shot joint typicality lemma for reliable decoding. The simultaneous position-based decoder tends to a multiple hypothesis testing problem. Also, using convex splitting to analyze the privacy criteria in a simultaneous scenario becomesproblematic. To overcome both problems, we first introduce a new channel that can be considered as a dual to the CQ-MA-WTC. This channel is called a point-to-point quantum wiretap channel with multiple messages (PP-QWTC). In the following, as a strategy to solve the problem, we also investigate and analyze quantum broadcast channels (QBC) in the one-shot regime.
Research Article
Parichehr Dadkhah; Mohammad Dakhilalian; Parvin Rastegari
Abstract
Wireless Body Area Networks (WBANs) have attracted a lot of attention in recent researches as they play a vital role in diagnosing, controlling and treating diseases. These networks can improve the quality of medical services by following the health status of people and providing online medical advice ...
Read More
Wireless Body Area Networks (WBANs) have attracted a lot of attention in recent researches as they play a vital role in diagnosing, controlling and treating diseases. These networks can improve the quality of medical services by following the health status of people and providing online medical advice for them, momentarily. Despite the numerous advantages of these networks, they may cause irrecoverable problems for patients, if security considerations are not properly met. So, it is very important to find solutions for satisfying security requirements in these networks. A signcryption scheme can be considered as one of the most important cryptographic tools for providing the security requirements in WBANs. Recently, Kasyoka et al. proposed a signcryption scheme based on which they designed an access control protocol for WBANs. They proved the security of their proposals in the random oracle model (ROM). In this paper, we concentrate on Kasyoka et al.’s proposals and show that their proposed signcryption scheme and consequently their proposed access control protocol for WBANs are vulnerable against various attacks, in contrast to their claims. Afterward, we fix the scheme to be secure against our proposed attacks.
Research Article
Amirhosein Salehi; Siavash Ahmadi; Mohammad Reza Aref
Abstract
Industrial control systems are widely used in industrial sectors and critical infrastructures to monitor and control industrial processes. Recently, the security of industrial control systems has attracted a lot of attention, because these systems are now increasingly interacting with the Internet. Classic ...
Read More
Industrial control systems are widely used in industrial sectors and critical infrastructures to monitor and control industrial processes. Recently, the security of industrial control systems has attracted a lot of attention, because these systems are now increasingly interacting with the Internet. Classic systems are suffering from many security problems and with the expansionof Internet connectivity, they are now exposed to new types of threats and cyber-attacks. Addressing this, intrusion detection technology is one of the most important security solutions that is used in industrial control systems to identifypotential attacks and malicious activities. In this paper, we propose Stacked Autoencoder-Deep Neural Network (SAE-DNN), as a semi-supervised Intrusion Detection System (IDS) with appropriate performance and applicability on a wide range of Cyber-Physical Systems (CPSs). The proposed approach comprises a stacked autoencoder, a deep learning-based feature extractor, helping us with a low dimension and low noise representation of data. In addition, our system includes a deep neural network (DNN)-based classifier, which is used to detect anomalies with a high detection rate and low false positive rate in a real-time process. The SAE-DNN’s performance is evaluated on the WADI dataset, which is a real testbed for a water distribution system. The results indicate the superior performance of our approach over existing supervised and unsupervised methods while using a few percentages of labeled data.
Research Article
Atieh Bakhshandeh; Abdalsamad Keramatfar; Amir Norouzi; Mohammad M. Chekidehkhoun
Abstract
In recent years, artificial intelligence has had a conspicuous growth in almost every aspect of life. One of the most applicable areas is security code review, in which a lot of AI-based tools and approaches have been proposed. Recently, ChatGPT has caught a huge amount of attention with its remarkable ...
Read More
In recent years, artificial intelligence has had a conspicuous growth in almost every aspect of life. One of the most applicable areas is security code review, in which a lot of AI-based tools and approaches have been proposed. Recently, ChatGPT has caught a huge amount of attention with its remarkable performance in following instructions and providing a detailed response. Regarding the similarities between natural language and code, in this paper, we study the feasibility of using ChatGPT for vulnerability detection in Python source code. Toward this goal, we feed an appropriate prompt along withvulnerable data to ChatGPT and compare its results on two datasets with the results of three widely used Static Application Security Testing tools (Bandit, Semgrep, and SonarQube). We implement different kinds of experiments with ChatGPT and the results indicate that ChatGPT reduces the false positive and false negative rates and has the potential to be used for Python source code vulnerability detection.
Research Article
Iman Jafarian; Siavash Khorsandi
Abstract
The Internet of Things has significantly improved healthcare with its promise of transforming technological, social, and economic perspectives. Medical devices with wireless internet access enable remote monitoring of patients, and collectively, these increasingly smart and connected medical devices ...
Read More
The Internet of Things has significantly improved healthcare with its promise of transforming technological, social, and economic perspectives. Medical devices with wireless internet access enable remote monitoring of patients, and collectively, these increasingly smart and connected medical devices can provide unique and contemporary medical and health services envisioned to be deployed in a large-scale fashion. For this, medical data and records generally are collected, stored, and shared through open-air wireless networks and public cloud infrastructures, which poses severe challenges regarding the confidentiality of sensitive medical data while maintaining low service overhead and system complexity. This paper presents a novel scheme for secure cloud-assisted Internet of Medical Things connecting patients/smart medical devices to smart applications/medical service providers in a scalable one-to-many fashion to make novel medical services practical. The proposed scheme uses index-based searchable encryption for data screening without decryption. It uses a low-overhead proxy re-encryption scheme for secure data sharing through public clouds
Research Article
Mojtaba Shirinjani; Siavash Ahmadi; Taraneh Eghlidos; Mohammad Reza Aref
Abstract
Large-scale data collection is challenging in alternative centralized learning as privacy concerns or prohibitive policies may rise. As a solution, Federated Learning (FL) is proposed wherein data owners, called participants, can train a common model collaboratively while their privacy is preserved. ...
Read More
Large-scale data collection is challenging in alternative centralized learning as privacy concerns or prohibitive policies may rise. As a solution, Federated Learning (FL) is proposed wherein data owners, called participants, can train a common model collaboratively while their privacy is preserved. However, recent attacks, namely Membership Inference Attacks (MIA) or Poisoning Attacks (PA), can threaten the privacy and performance in FL systems. This paper develops an innovative Adversarial-Resilient Privacy-preserving Scheme (ARPS) for FL to cope with preceding threats using differential privacy andcryptography. Our experiments display that ARPS can establish a private model with high accuracy outperforming state-of-the-art approaches. To the best of our knowledge, this work is the only scheme providing privacy protection beyond any output models in conjunction with Byzantine resiliency without sacrificing accuracy and efficiency.