2024
Jia, Meng; Chen, Jing; He, Kun; Shi, Min; Wang, Yuanzheng; Du, Ruiying
Generic Construction of Threshold Credential Management With User-Autonomy Aggregation Journal Article
In: IEEE Transactions on Information Forensics and Security, vol. 19, pp. 2549-2564, 2024, ISSN: 1556-6021.
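@article{10375517,
  author    = {Jia, Meng and Chen, Jing and He, Kun and Shi, Min and Wang, Yuanzheng and Du, Ruiying},
  title     = {Generic Construction of Threshold Credential Management With User-Autonomy Aggregation},
  journal   = {IEEE Transactions on Information Forensics and Security},
  volume    = {19},
  pages     = {2549--2564},
  year      = {2024},
  date      = {2024-01-01},
  issn      = {1556-6021},
  doi       = {10.1109/TIFS.2023.3347897},
  url       = {https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=\&arnumber=10375517
               https://datasec.whu.edu.cn/wp-content/uploads/2024/01/Generic_Construction_of_Threshold_Credential_Management_With_User-Autonomy_Aggregation.pdf},
  urldate   = {2024-01-01},
  abstract  = {Credential management is widely used in online services such as electronic identity cards, e-health, and e-voting, in which users prove their identity or attributes with credentials issued by authorities. Under some circumstances, a user needs to prove her/his identity or attributes in multiple credentials to a verifier. In existing credential management systems, a user either proves her/his credentials one by one or requests new credentials from authorities with the original ones, and they are inefficient in practice. Moreover, existing decentralized credential management systems either rely on multiple single parties or do not support attribute revocation. In this paper, we present a threshold credential management system with threshold issuance and revocation and user-autonomy aggregation. Specifically, we design a decentralized credential management architecture where multiple authorities form an alliance and manage credentials collaboratively. Then, we propose a threshold credential management scheme, where user issuance and revocation must be approved by multiple credential managers, and a user can aggregate her/his credentials and prove them to a verifier simultaneously. We conduct experiments on our system and the results demonstrate that it is suitable in practice.},
  pubstate  = {published},
  tppubtype = {article}
}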
陈晶; 杨浩; 何琨; 李凯; 加梦; 杜瑞颖
区块链扩展技术现状与展望 Journal Article
In: 软件学报, vol. 35, no. 2, pp. 828, 2024.
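@article{2024828,
  author    = {陈晶 and 杨浩 and 何琨 and 李凯 and 加梦 and 杜瑞颖},
  title     = {区块链扩展技术现状与展望},
  journal   = {软件学报},
  volume    = {35},
  number    = {2},
  pages     = {828},
  year      = {2024},
  date      = {2024-01-01},
  publisher = {科学出版社},
  doi       = {10.13328/j.cnki.jos.006954},
  urldate   = {2024-01-01},
  pubstate  = {published},
  tppubtype = {article}
}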
Liang, Ruichao; Chen, Jing; He, Kun; Wu, Yueming; Deng, Gelei; Du, Ruiying; Wu, Cong
PonziGuard: Detecting Ponzi Schemes on Ethereum with Contract Runtime Behavior Graph (CRBG) Proceedings Article
In: Proceedings of the 46th IEEE/ACM International Conference on Software Engineering, Association for Computing Machinery, Lisbon, Portugal, 2024, ISBN: 9798400702174.
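@inproceedings{10.1145/3597503.3623318,
  author    = {Liang, Ruichao and Chen, Jing and He, Kun and Wu, Yueming and Deng, Gelei and Du, Ruiying and Wu, Cong},
  title     = {{PonziGuard}: Detecting {Ponzi} Schemes on {Ethereum} with Contract Runtime Behavior Graph ({CRBG})},
  booktitle = {Proceedings of the 46th IEEE/ACM International Conference on Software Engineering},
  series    = {ICSE '24},
  year      = {2024},
  date      = {2024-01-01},
  publisher = {Association for Computing Machinery},
  address   = {Lisbon, Portugal},
  isbn      = {9798400702174},
  doi       = {10.1145/3597503.3623318},
  url       = {https://doi.org/10.1145/3597503.3623318
               https://datasec.whu.edu.cn/wp-content/uploads/2024/02/PonziGuard-DetectingPonziSchemesonEthereumwith-ContractRuntimeBehaviorGraphCRBG.pdf},
  urldate   = {2024-01-01},
  abstract  = {Ponzi schemes, a form of scam, have been discovered in Ethereum smart contracts in recent years, causing massive financial losses. Rule-based detection approaches rely on pre-defined rules with limited capabilities and domain knowledge dependency. Additionally, using static information like opcodes and transactions for machine learning models fails to effectively characterize the Ponzi contracts, resulting in poor reliability and interpretability. In this paper, we propose PonziGuard, an efficient Ponzi scheme detection approach based on contract runtime behavior. Inspired by the observation that a contract's runtime behavior is more effective in disguising Ponzi contracts from the innocent contracts, PonziGuard establishes a comprehensive graph representation called contract runtime behavior graph (CRBG), to accurately depict the behavior of Ponzi contracts. Furthermore, it formulates the detection process as a graph classification task, enhancing its overall effectiveness. We conducted comparative experiments on a ground-truth dataset and applied PonziGuard to Ethereum Mainnet. The results show that PonziGuard outperforms the current state-of-the-art approaches and is also effective in open environments. Using PonziGuard, we have identified 805 Ponzi contracts on Ethereum Mainnet, which have resulted in an estimated economic loss of 281,700 Ether or approximately \$500 million USD.},
  pubstate  = {published},
  tppubtype = {inproceedings}
}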
Wang, Mei; Chen, Jing; He, Kun; Yu, Ruozhou; Du, Ruiying; Qian, Zhihao
UFinAKA: Fingerprint-Based Authentication and Key Agreement With Updatable Blind Credentials Journal Article
In: IEEE/ACM Transactions on Networking, vol. 32, iss. 2, pp. 1110-1123, 2024.
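@article{10250445,
  author    = {Wang, Mei and Chen, Jing and He, Kun and Yu, Ruozhou and Du, Ruiying and Qian, Zhihao},
  title     = {{UFinAKA}: Fingerprint-Based Authentication and Key Agreement With Updatable Blind Credentials},
  journal   = {IEEE/ACM Transactions on Networking},
  volume    = {32},
  number    = {2},
  pages     = {1110--1123},
  year      = {2024},
  date      = {2024-01-01},
  doi       = {10.1109/TNET.2023.3311130},
  url       = {https://datasec.whu.edu.cn/wp-content/uploads/2024/03/UFinAKA-Fingerprint-Based-Authentication-and-Key-Agreement-With-Updatable-Bind-Credentials.pdf},
  urldate   = {2023-01-01},
  pubstate  = {published},
  tppubtype = {article}
}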
Li, Qiao; Chen, Jing; He, Kun; Zhang, Zijun; Du, Ruiying; She, Jisi; Wang, Xinxin
Model-agnostic adversarial example detection via high-frequency amplification Journal Article
In: Computers & Security, vol. 141, pp. 103791, 2024, ISSN: 0167-4048.
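@article{LI2024103791,
  author    = {Li, Qiao and Chen, Jing and He, Kun and Zhang, Zijun and Du, Ruiying and She, Jisi and Wang, Xinxin},
  title     = {Model-agnostic adversarial example detection via high-frequency amplification},
  journal   = {Computers \& Security},
  volume    = {141},
  pages     = {103791},
  year      = {2024},
  date      = {2024-01-01},
  issn      = {0167-4048},
  doi       = {10.1016/j.cose.2024.103791},
  url       = {https://www.sciencedirect.com/science/article/pii/S0167404824000920
               https://datasec.whu.edu.cn/wp-content/uploads/2024/04/model-agnostic-adversarial-example-detection-via-high-frequency-amplification.pdf},
  urldate   = {2024-01-01},
  abstract  = {Image classification based on Deep Neural Networks (DNNs) is vulnerable to adversarial examples, which make the classifier output incorrect predictions. One approach to defending against this attack is to detect whether the input is an adversarial example. Unfortunately, existing adversarial example detection methods heavily rely on the underlying classifier and may fail when the classifier is upgraded. In this paper, we propose a model-agnostic detection method that leverages high-frequency signals from adversarial noises in adversarial examples and does not need interactions with the underlying classifier. We amplify redundant high-frequency signals brought by adversarial noises and represent object boundaries with these signals in an image. Our key insight is that the boundaries extracted by redundant high-frequency signals have a strong correlation with the boundaries of images in adversarial examples, while this correlation does not exist in clean images. Furthermore, adversarial examples of large images have more high-frequency signals and make adversarial detection easier on large image datasets. Experimental results show that our method has good transferability and can accurately detect various adversarial examples on different datasets.},
  pubstate  = {published},
  tppubtype = {article}
}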
何琨; 李瀚星; 陈晶
基于分层结构的匹配量隐藏加密多重映射方案 Journal Article
In: 通信学报, vol. 45, no. 1, pp. 94, 2024.
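@article{陈晶:94,
  author    = {何琨 and 李瀚星 and 陈晶},
  title     = {基于分层结构的匹配量隐藏加密多重映射方案},
  journal   = {通信学报},
  volume    = {45},
  number    = {1},
  pages     = {94},
  year      = {2024},
  date      = {2024-01-01},
  publisher = {通信学报},
  doi       = {10.11959/j.issn.1000-436x.2024002},
  url       = {https://www.infocomm-journal.com/txxb/CN/abstract/article_174131.shtml
               https://datasec.whu.edu.cn/wp-content/uploads/2024/04/基于分层结构的匹配量隐藏加密多重映射方案.pdf},
  urldate   = {2024-01-01},
  pubstate  = {published},
  tppubtype = {article}
}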
李瞧; 陈晶; 张子君; 何琨; 杜瑞颖; 汪欣欣
基于随机平滑的通用黑盒认证防御 Journal Article
In: 计算机学报, vol. 47, no. 03, pp. 690-702, 2024, ISSN: 0254-4164.
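@article{JSJX202403011,
  author    = {李瞧 and 陈晶 and 张子君 and 何琨 and 杜瑞颖 and 汪欣欣},
  title     = {基于随机平滑的通用黑盒认证防御},
  journal   = {计算机学报},
  volume    = {47},
  number    = {3},
  pages     = {690--702},
  year      = {2024},
  date      = {2024-01-01},
  issn      = {0254-4164},
  url       = {https://datasec.whu.edu.cn/wp-content/uploads/2024/04/基于随机平滑的通用黑盒认证防御_李瞧.pdf},
  urldate   = {2024-01-01},
  pubstate  = {published},
  tppubtype = {article}
}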
何琨; 佘计思; 张子君; 陈晶; 汪欣欣; 杜瑞颖
基于引导扩散模型的自然对抗补丁生成方法 Journal Article
In: 电子学报, vol. 52, no. 2, pp. 564-573, 2024.
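@article{何琨:564,
  author    = {何琨 and 佘计思 and 张子君 and 陈晶 and 汪欣欣 and 杜瑞颖},
  title     = {基于引导扩散模型的自然对抗补丁生成方法},
  journal   = {电子学报},
  volume    = {52},
  number    = {2},
  pages     = {564--573},
  year      = {2024},
  date      = {2024-01-01},
  publisher = {电子学报},
  doi       = {10.12263/DZXB.20230481},
  url       = {https://www.ejournal.org.cn/CN/10.12263/DZXB.20230481
               https://datasec.whu.edu.cn/wp-content/uploads/2024/06/基于引导扩散模型的自然对抗补丁生成方法.pdf},
  urldate   = {2024-01-01},
  abstract  = {近年来,物理世界中的对抗补丁攻击因其对深度学习模型安全的影响而引起了广泛关注.现有的工作主要集中在生成在物理世界中攻击性能良好的对抗补丁,没有考虑到对抗补丁图案与自然图像的差别,因此生成的对抗补丁往往不自然且容易被观察者发现.为了解决这个问题,本文提出了一种基于引导的扩散模型的自然对抗补丁生成方法.具体而言,本文通过解析目标检测器的输出构建预测对抗补丁攻击成功率的预测器,利用该预测器的梯度作为条件引导预训练的扩散模型的逆扩散过程,从而生成自然度更高且保持高攻击成功率的对抗补丁.本文在数字世界和物理世界中进行了广泛的实验,评估了对抗补丁针对各种目标检测模型的攻击效果以及对抗补丁的自然度.实验结果表明,通过将所构建的攻击成功率预测器与扩散模型相结合,本文的方法能够生成比现有方案更自然的对抗补丁,同时保持攻击性能.},
  pubstate  = {published},
  tppubtype = {article}
}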
Gu, Yangyang; Chen, Jing; He, Kun; Wu, Cong; Zhao, Ziming; Du, Ruiying
WiFiLeaks: Exposing Stationary Human Presence Through a Wall With Commodity Mobile Devices Journal Article
In: IEEE Transactions on Mobile Computing, vol. 23, no. 6, pp. 6997-7011, 2024.
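@article{10301514,
  author    = {Gu, Yangyang and Chen, Jing and He, Kun and Wu, Cong and Zhao, Ziming and Du, Ruiying},
  title     = {{WiFiLeaks}: Exposing Stationary Human Presence Through a Wall With Commodity Mobile Devices},
  journal   = {IEEE Transactions on Mobile Computing},
  volume    = {23},
  number    = {6},
  pages     = {6997--7011},
  year      = {2024},
  date      = {2024-01-01},
  doi       = {10.1109/TMC.2023.3328349},
  url       = {https://datasec.whu.edu.cn/wp-content/uploads/2024/06/WiFiLeaks_Exposing_Stationary_Human_Presence_Through_a_Wall_With_Commodity_Mobile_Devices.pdf},
  urldate   = {2024-01-01},
  abstract  = {WiFi devices are ubiquitous and may leak user and household privacy. In this paper, we report an attack, namely WiFiLeaks, which uses a commodity mobile device to passively detect stationary human presence through a wall by analyzing the channel state information of wireless signals transmitted by indoor WiFi devices. In our adversarial scenario, attackers cannot control the WiFi transmitter or use advanced radio devices. The main challenge of this attack is how to extract robust features from non-customized signals for stationary human presence. To address this challenge, we first combine methods based on outliers and wavelet denoising to enhance the low-frequency information related to human presence. Then we propose a novel feature extraction method based on the correlation among subcarriers since stationary human presence can enhance their correlations. We evaluate WiFiLeaks using nine different WiFi transmitter and one commodity smartphone in four different settings. The evaluations show WiFiLeaks can still achieve accuracy rates of 83.33\% and 100\% for human presence and absence at 20 meters between the monitor device and the transmitter in through-the-wall scenarios.},
  pubstate  = {published},
  tppubtype = {article}
}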
Zhang, Renli; Zhou, Ruiting; Wang, Yufeng; Tan, Haisheng; He, Kun
Incentive Mechanisms for Online Task Offloading With Privacy-Preserving in UAV-Assisted Mobile Edge Computing Journal Article
In: IEEE/ACM Transactions on Networking, vol. 32, no. 3, pp. 2646-2661, 2024.
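@article{10440643,
  author    = {Zhang, Renli and Zhou, Ruiting and Wang, Yufeng and Tan, Haisheng and He, Kun},
  title     = {Incentive Mechanisms for Online Task Offloading With Privacy-Preserving in {UAV}-Assisted Mobile Edge Computing},
  journal   = {IEEE/ACM Transactions on Networking},
  volume    = {32},
  number    = {3},
  pages     = {2646--2661},
  year      = {2024},
  date      = {2024-01-01},
  doi       = {10.1109/TNET.2024.3364141},
  url       = {https://datasec.whu.edu.cn/wp-content/uploads/2024/06/Incentive_Mechanisms_for_Online_Task_Offloading_With_Privacy-Preserving_in_UAV-Assisted_Mobile_Edge_Computing_compressed.pdf},
  urldate   = {2024-01-01},
  pubstate  = {published},
  tppubtype = {article}
}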
2023
Yan, Ran; Du, Ruiying; He, Kun; Chen, Jing
Efficient Adversarial Training with Membership Inference Resistance Proceedings Article
In: Liu, Qingshan; Wang, Hanzi; Ma, Zhanyu; Zheng, Weishi; Zha, Hongbin; Chen, Xilin; Wang, Liang; Ji, Rongrong (Ed.): Pattern Recognition and Computer Vision, pp. 474–486, Springer Nature Singapore, Singapore, 2023, ISBN: 978-981-99-8429-9.
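@inproceedings{10.1007/978-981-99-8429-9_38,
  author    = {Yan, Ran and Du, Ruiying and He, Kun and Chen, Jing},
  title     = {Efficient Adversarial Training with Membership Inference Resistance},
  editor    = {Liu, Qingshan and Wang, Hanzi and Ma, Zhanyu and Zheng, Weishi and Zha, Hongbin and Chen, Xilin and Wang, Liang and Ji, Rongrong},
  booktitle = {Pattern Recognition and Computer Vision},
  pages     = {474--486},
  year      = {2023},
  date      = {2023-12-30},
  publisher = {Springer Nature Singapore},
  address   = {Singapore},
  isbn      = {978-981-99-8429-9},
  url       = {https://datasec.whu.edu.cn/wp-content/uploads/2024/01/978-981-99-8429-9_38.pdf},
  urldate   = {2024-01-01},
  abstract  = {Deep cross-media computing faces adversarial example attacks, adversarial training is an effective approach to enhance the robustness of machine learning models via adding adversarial examples into the training phase. However, existing adversarial training methods increase the advantage of membership inference attacks, which aim to determine from the model whether an example is in the training dataset. In this paper, we propose an adversarial training framework that guarantees both robustness and membership privacy by introducing a tailor-made example, called reverse-symmetry example. Moreover, our framework reduces the number of required adversarial examples compared with existing adversarial training methods. We implement the framework based on three adversarial training methods on FMNIST and CIFAR10. The experimental results show that our framework outperforms the original adversarial training with respect to the overall performance of accuracy, robustness, privacy, and runtime.},
  pubstate  = {published},
  tppubtype = {inproceedings}
}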
Shi, Min; Chen, Jing; He, Kun; Zhao, Haoran; Jia, Meng; Du, Ruiying
Formal Analysis and Patching of BLE-SC Pairing Proceedings Article
In: 32nd USENIX Security Symposium (USENIX Security 23), pp. 37–52, USENIX Association, Anaheim, CA, 2023, ISBN: 978-1-939133-37-3.
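@inproceedings{287101,
  author    = {Shi, Min and Chen, Jing and He, Kun and Zhao, Haoran and Jia, Meng and Du, Ruiying},
  title     = {Formal Analysis and Patching of {BLE-SC} Pairing},
  booktitle = {32nd USENIX Security Symposium (USENIX Security 23)},
  pages     = {37--52},
  year      = {2023},
  date      = {2023-08-01},
  publisher = {USENIX Association},
  address   = {Anaheim, CA},
  isbn      = {978-1-939133-37-3},
  url       = {https://www.usenix.org/conference/usenixsecurity23/presentation/shi-min
               https://datasec.whu.edu.cn/wp-content/uploads/2023/09/usenixsecurity23-shi-min.pdf},
  urldate   = {2023-08-01},
  abstract  = {Bluetooth Low Energy (BLE) is the mainstream Bluetooth standard and BLE Secure Connections (BLE-SC) pairing is a protocol that authenticates two Bluetooth devices and derives a shared secret key between them. Although BLE-SC pairing employs well-studied cryptographic primitives to guarantee its security, a recent study revealed a logic flaw in the protocol.
               In this paper, we develop the first comprehensive formal model of the BLE-SC pairing protocol. Our model is compliant with the latest Bluetooth specification version 5.3 and covers all association models in the specification to discover attacks caused by the interplay between different association models. We also partly loosen the perfect cryptography assumption in traditional symbolic analysis approaches by designing a low-entropy key oracle to detect attacks caused by the poorly derived keys. Our analysis confirms two existing attacks and discloses a new attack. We propose a countermeasure to fix the flaws found in the BLE-SC pairing protocol and discuss the backward compatibility. Moreover, we extend our model to verify the countermeasure, and the results demonstrate its effectiveness in our extended model.},
  pubstate  = {published},
  tppubtype = {inproceedings}
}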
In this paper, we develop the first comprehensive formal model of the BLE-SC pairing protocol. Our model is compliant with the latest Bluetooth specification version 5.3 and covers all association models in the specification to discover attacks caused by the interplay between different association models. We also partly loosen the perfect cryptography assumption in traditional symbolic analysis approaches by designing a low-entropy key oracle to detect attacks caused by the poorly derived keys. Our analysis confirms two existing attacks and discloses a new attack. We propose a countermeasure to fix the flaws found in the BLE-SC pairing protocol and discuss the backward compatibility. Moreover, we extend our model to verify the countermeasure, and the results demonstrate its effectiveness in our extended model.
Yang, Xuanang; Chen, Jing; He, Kun; Bai, Hao; Wu, Cong; Du, Ruiying
Efficient Privacy-Preserving Inference Outsourcing for Convolutional Neural Networks Journal Article
In: IEEE Transactions on Information Forensics and Security, vol. 18, pp. 4815-4829, 2023, ISSN: 1556-6021.
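@article{10154059,
  author    = {Yang, Xuanang and Chen, Jing and He, Kun and Bai, Hao and Wu, Cong and Du, Ruiying},
  title     = {Efficient Privacy-Preserving Inference Outsourcing for Convolutional Neural Networks},
  journal   = {IEEE Transactions on Information Forensics and Security},
  volume    = {18},
  pages     = {4815--4829},
  year      = {2023},
  date      = {2023-01-01},
  issn      = {1556-6021},
  doi       = {10.1109/TIFS.2023.3287072},
  url       = {https://datasec.whu.edu.cn/wp-content/uploads/2023/09/Efficient_Privacy-preserving_Inference_Outsourcing_for_Convolutional_Neural_Networks.pdf},
  urldate   = {2023-01-01},
  abstract  = {Inference outsourcing enables model owners to deploy their machine learning models on cloud servers to serve users. In this paradigm, the privacy of model owners and users should be considered. Existing solutions focus on Convolutional Neural Networks (CNNs) but their efficiency is much lower than GALA, which is a solution that only protects user privacy. Furthermore, these solutions adopt approximations that reduce the model accuracy and thus require model owners to retrain the models. In this paper, we present an efficient CNN inference outsourcing solution that protects the privacy of both model owners and users. Specifically, we design secure two-party computation protocols based on two non-colluding cloud servers, which calculate with additive secret shares of the model and the user’s input. Our protocols avoid the expensive permutation operations in linear calculations and approximations in non-linear calculations. We implement our solution on realistic CNNs and experimental results show that our solution is even 2--4 times faster than GALA.},
  pubstate  = {published},
  tppubtype = {article}
}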
Gu, Yangyang; Chen, Jing; Wu, Cong; He, Kun; Zhao, Ziming; Du, Ruiying
LocCams: An Efficient and Robust Approach for Detecting and Localizing Hidden Wireless Cameras via Commodity Devices Journal Article
In: Proc. ACM Interact. Mob. Wearable Ubiquitous Technol., vol. 7, no. 4, 2023.
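@article{10.1145/3631432,
  author    = {Gu, Yangyang and Chen, Jing and Wu, Cong and He, Kun and Zhao, Ziming and Du, Ruiying},
  title     = {{LocCams}: An Efficient and Robust Approach for Detecting and Localizing Hidden Wireless Cameras via Commodity Devices},
  journal   = {Proc. ACM Interact. Mob. Wearable Ubiquitous Technol.},
  volume    = {7},
  number    = {4},
  year      = {2023},
  date      = {2023-01-01},
  publisher = {Association for Computing Machinery},
  address   = {New York, NY, USA},
  doi       = {10.1145/3631432},
  url       = {https://doi.org/10.1145/3631432
               https://datasec.whu.edu.cn/wp-content/uploads/2024/01/LocCams-AnEfficientandRobustApproachforDetectingand-LocalizingHiddenWirelessCamerasviaCommodityDevices.pdf},
  urldate   = {2024-01-01},
  abstract  = {Unlawful wireless cameras are often hidden to secretly monitor private activities. However, existing methods to detect and localize these cameras are interactively complex or require expensive specialized hardware. In this paper, we present LocCams, an efficient and robust approach for hidden camera detection and localization using only a commodity device (e.g., a smartphone). By analyzing data packets in the wireless local area network, LocCams passively detects hidden cameras based on the packet transmission rate. Camera localization is achieved by identifying whether the physical channel between our detector and the hidden camera is a Line-of-Sight (LOS) propagation path based on the distribution of channel state information subcarriers, and utilizing a feature extraction approach based on a Convolutional Neural Network (CNN) model for reliable localization. Our extensive experiments, involving various subjects, cameras, distances, user positions, and room configurations, demonstrate LocCams' effectiveness. Additionally, to evaluate the performance of the method in real life, we use subjects, cameras, and rooms that do not appear in the training set to evaluate the transferability of the model. With an overall accuracy of 95.12\% within 30 seconds of detection, LocCams provides robust detection and localization of hidden cameras.},
  pubstate  = {published},
  tppubtype = {article}
}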
汪欣欣; 陈晶; 何琨; 张子君; 杜瑞颖; 李瞧; 佘计思
面向目标检测的对抗攻击与防御综述 Journal Article
In: 通信学报, vol. 44, no. 11, pp. 260, 2023.
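@article{汪欣欣:260,
  author    = {汪欣欣 and 陈晶 and 何琨 and 张子君 and 杜瑞颖 and 李瞧 and 佘计思},
  title     = {面向目标检测的对抗攻击与防御综述},
  journal   = {通信学报},
  volume    = {44},
  number    = {11},
  pages     = {260},
  year      = {2023},
  date      = {2023-01-01},
  publisher = {通信学报},
  doi       = {10.11959/j.issn.1000-436x.2023223},
  url       = {https://www.infocomm-journal.com/txxb/CN/abstract/article_173990.shtml},
  urldate   = {2023-01-01},
  pubstate  = {published},
  tppubtype = {article}
}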
2022
Wang, Mei; He, Kun; Chen, Jing; Du, Ruiying; Zhang, Bingsheng; Li, Zengpeng
PANDA: Lightweight non-interactive privacy-preserving data aggregation for constrained devices Journal Article
In: Future Generation Computer Systems, vol. 131, pp. 28–42, 2022, ISSN: 0167-739X.
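@article{WHC+22,
  author    = {Wang, Mei and He, Kun and Chen, Jing and Du, Ruiying and Zhang, Bingsheng and Li, Zengpeng},
  title     = {{PANDA}: Lightweight non-interactive privacy-preserving data aggregation for constrained devices},
  journal   = {Future Generation Computer Systems},
  volume    = {131},
  pages     = {28--42},
  year      = {2022},
  date      = {2022-01-01},
  issn      = {0167-739X},
  doi       = {10.1016/j.future.2022.01.007},
  url       = {https://datasec.whu.edu.cn/wp-content/uploads/2023/08/PANDA_Lightweight_non-interactive_privacy-preserving-data_aggregation_for_constrained_devices.pdf},
  urldate   = {2022-01-01},
  abstract  = {Privacy-preserving data aggregation is becoming a demanding necessity for many promising scenarios, e.g., health care analysis. Sensitive data are collected and aggregated in a privacy-preserving approach using current Internet of Things (IoT) technology, leading to immense challenge and consequent interest in developing secure computing algorithms for individual and organizational data. However, most existing solutions focus on specific evaluations (e.g., SUM), and they use heavy cryptographic techniques, which are far from practice for constrained IoT devices. The Trusted Execution Environment (TEE, implemented with Intel SGX) can assist in computing arbitrary functions and avoiding resource-consuming operations. Nevertheless, TEE is subject to several challenges because TEE is vulnerable to limited resource and even function violations, e.g., the attacker may bypass the boundary of TEE. In this paper, we propose a lightweight non-interactive privacy-preserving data aggregation scheme for resource-constrained devices, named PANDA, where TEE is introduced to bypass the trusted entities requirement and heavy overhead. Additionally, PANDA explores the certificate-aided function authorization to prevent leakage from unauthorized functions, and designs the public verifiable certificate management to detect the abnormal behaviors of the host to mitigate the external host compromise. We formalize PANDA with rigorous security analysis to indicate privacy protection against the compromised aggregator and analyst. The evaluation results show that PANDA has constant online communication cost and lightweight computation overhead for constrained devices, which is suitable for IoT applications.},
  pubstate  = {published},
  tppubtype = {article}
}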
Jia, Meng; Chen, Jing; He, Kun; Du, Ruiying; Zheng, Li; Lai, Mingxi; Wang, Donghui; Liu, Fei
Redactable Blockchain from Decentralized Chameleon Hash Functions Journal Article
In: IEEE Transactions on Information Forensics and Security, vol. 17, pp. 2771–2783, 2022, ISSN: 1556-6021.
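@article{JCH+22,
  author    = {Jia, Meng and Chen, Jing and He, Kun and Du, Ruiying and Zheng, Li and Lai, Mingxi and Wang, Donghui and Liu, Fei},
  title     = {Redactable Blockchain from Decentralized Chameleon Hash Functions},
  journal   = {IEEE Transactions on Information Forensics and Security},
  volume    = {17},
  pages     = {2771--2783},
  year      = {2022},
  date      = {2022-01-01},
  issn      = {1556-6021},
  doi       = {10.1109/TIFS.2022.3192716},
  url       = {https://datasec.whu.edu.cn/wp-content/uploads/2023/08/Redactable_Blockchain_From_Decentralized_Chameleon_Hash_Functions.pdf},
  urldate   = {2022-01-01},
  abstract  = {Blockchain is a technology with decentralization and immutability features and has been employed for auditing by many applications. However, immutability sometimes limits the application of blockchain technology. For example, vulnerable smart contracts on blockchain cannot be redacted due to immutability. The existing redactable blockchain solutions either have a low efficiency or violate the decentralization feature. Moreover, those solutions lack mechanisms for tracing redaction history and checking block consistency. In this paper, we present an efficient redactable blockchain with traceability in the decentralized setting. Specifically, we propose a decentralized chameleon hash function for redactable blockchain that every redaction must be approved by multiple blockchain nodes. We also design a redactable blockchain structure that maintains all redactions of a block and encodes the redacted blocks into an RSA accumulator. Then, we propose an efficient block consistency check protocol based on the RSA accumulator. Finally, we conduct experiments and compare our scheme with another decentralized redactable blockchain to demonstrate that our solution is efficient in practice.},
  pubstate  = {published},
  tppubtype = {article}
}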
Chen, Jing; Chen, Xin; He, Kun; Du, Ruiying; Chen, Weihang; Xiang, Yang
DELIA: Distributed Efficient Log Integrity Audit Based on Hierarchal Multi-Party State Channel Journal Article
In: IEEE Transactions on Dependable and Secure Computing, vol. 19, no. 5, pp. 3286–3300, 2022, ISSN: 1941-0018.
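@article{CCH+22,
  author    = {Chen, Jing and Chen, Xin and He, Kun and Du, Ruiying and Chen, Weihang and Xiang, Yang},
  title     = {{DELIA}: Distributed Efficient Log Integrity Audit Based on Hierarchal Multi-Party State Channel},
  journal   = {IEEE Transactions on Dependable and Secure Computing},
  volume    = {19},
  number    = {5},
  pages     = {3286--3300},
  year      = {2022},
  date      = {2022-01-01},
  issn      = {1941-0018},
  doi       = {10.1109/TDSC.2021.3092365},
  url       = {https://datasec.whu.edu.cn/wp-content/uploads/2023/08/DELIA_Distributed_Efficient_Log_Integrity_Audit_Based_on_Hierarchal_Multi-Party_State_Channel.pdf},
  urldate   = {2022-01-01},
  abstract  = {Audit log contains the trace of different activities in computing systems, which makes it critical for security management, censorship, and forensics. However, experienced attackers may delete or modify the audit log after their attacks, which makes the audit log unavailable in attack investigation. In this article, we focus on the log integrity audit in the same domain, in which a number of servers update audit logs for a single or several organizations as an alliance. We propose a distributed efficient log integrity audit framework, called DELIA, which employs the distributed ledger technique to protect audit information, and utilizes the idea of state channel to improve the throughput of distributed ledger. To generate stable state from the rapidly-updated logs in the domain, we propose a log state generation scheme, which not only generates state suitable for audit logs, but also enables mutual supervision within the domain. To overcome the high latency in existing state channel schemes, we propose a hierarchal multi-party state channel scheme, which makes the latency in our framework independent of the number of servers in the domain. We implement DELIA on Ethereum and evaluate its performance. The results show that our framework is efficient and secure in practice.},
  pubstate  = {published},
  tppubtype = {article}
}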
Chen, Jing; Zhan, Zeyi; He, Kun; Du, Ruiying; Wang, Donghui; Liu, Fei
XAuth: Efficient Privacy-Preserving Cross-Domain Authentication Journal Article
In: IEEE Transactions on Dependable and Secure Computing, vol. 19, no. 5, pp. 3301–3311, 2022, ISSN: 1941-0018.
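@article{CZH+22,
  author    = {Chen, Jing and Zhan, Zeyi and He, Kun and Du, Ruiying and Wang, Donghui and Liu, Fei},
  title     = {{XAuth}: Efficient Privacy-Preserving Cross-Domain Authentication},
  journal   = {IEEE Transactions on Dependable and Secure Computing},
  volume    = {19},
  number    = {5},
  pages     = {3301--3311},
  year      = {2022},
  date      = {2022-01-01},
  issn      = {1941-0018},
  doi       = {10.1109/TDSC.2021.3092375},
  url       = {https://datasec.whu.edu.cn/wp-content/uploads/2023/08/XAuth_Efficient_Privacy-Preserving_Cross-Domain_Authentication.pdf},
  urldate   = {2022-01-01},
  abstract  = {It is well known that each Public Key Infrastructure (PKI) system forms a closed security domain and only recognizes certificates in its own domain (such as medical systems, financial systems, and 5G networks). When users need to access services in other domains, their identities often cannot be recognized or PKI systems require extremely complex operations to authenticate the users’ identities. This is the cross-domain authentication problem. The distributed consensus feature of blockchain provides a technical approach to solve this problem. However, there are some unresolved problems in existing blockchain-based schemes. On one hand, due to the low throughput of blockchain systems, the response speed may be insufferable when the number of cross-domain authentication requirements becomes enormous. On the other hand, these schemes insufficiently consider the privacy risk in the cross-domain scenario. In this article, we propose an efficient privacy-preserving cross-domain authentication scheme called XAuth that is integrated naturally with the existing PKI and Certificate Transparency (CT) systems. Specifically, we design a lightweight correctness verification protocol based on Multiple Merkle Hash Tree for rapid response. To protect users’ privacy, we present an anonymous authentication protocol for cross-domain authentication. The security analysis and experimental results demonstrate that XAuth is secure and efficient.},
  pubstate  = {published},
  tppubtype = {article}
}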
Zhou, Ruiting; Zhang, Renli; Wang, Yufeng; Tan, Haisheng; He, Kun
Online incentive mechanism for task offloading with privacy-preserving in UAV-assisted mobile edge computing Proceedings Article
In: Proceedings of the Twenty-Third International Symposium on Theory, Algorithmic Foundations, and Protocol Design for Mobile Networks and Mobile Computing, pp. 211–220, 2022, ISBN: 9781450391658.
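% Conference paper. doi is the publisher record; url is a PDF copy hosted on datasec.whu.edu.cn.
% {UAV} is braced so sentence-casing styles keep the acronym; the percent sign in the abstract
% is escaped so TeX does not read the rest of the line as a comment.
@inproceedings{ZZW+22,
  author    = {Zhou, Ruiting and Zhang, Renli and Wang, Yufeng and Tan, Haisheng and He, Kun},
  title     = {Online incentive mechanism for task offloading with privacy-preserving in {UAV}-assisted mobile edge computing},
  booktitle = {Proceedings of the Twenty-Third International Symposium on Theory, Algorithmic Foundations, and Protocol Design for Mobile Networks and Mobile Computing},
  pages     = {211--220},
  year      = {2022},
  date      = {2022-01-01},
  doi       = {10.1145/3492866.3549715},
  isbn      = {9781450391658},
  url       = {https://datasec.whu.edu.cn/wp-content/uploads/2023/08/Online_incentive_mechanism_for_task_offloading_with_privacy-preserving_in_UAV-assisted_mobile_edge_computing-.pdf},
  urldate   = {2022-01-01},
  abstract  = {Unmanned aerial vehicles (UAVs) have emerged as a promising technology to provide low-latency mobile edge computing (MEC) services. To fully utilize the potential of UAV-assisted MEC in practice, both technical and economic challenges need to be addressed: how to optimize UAV trajectory for online task offloading and incentivize the participation of UAVs without compromising the privacy of user equipment (UE). In this work, we consider unique features of UAVs, i.e., high mobility as well as limited energy and computing capacity, and propose a privacy-preserving auction framework, Ptero, to schedule offloading tasks on the fly and incentivize UAVs' participation. Specifically, Ptero first decomposes the online task offloading problem into a series of one-round problems by scaling the UAV's energy constraint into the objective. To protect UE's privacy, Ptero calculates UAV's coverage based on subset-anonymity. At each round, Ptero schedules UAVs greedily, computes remuneration for working UAVs, and processes unserved tasks in the cloud to maximize the system's utility (i.e., minimize social cost). Theoretical analysis proves that Ptero achieves truthfulness, individual rationality, computational efficiency, privacy preserving and a non-trivial competitive ratio. Trace-driven evaluations further verify that Ptero can reduce the social cost by up to 116\% compared with four state-of-the-art algorithms.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {inproceedings}
}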
Wu, Cong; Chen, Jing; He, Kun; Zhao, Ziming; Du, Ruiying; Zhang, Chen
EchoHand: High Accuracy and Presentation Attack Resistant Hand Authentication on Commodity Mobile Devices Proceedings Article
In: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security, pp. 2931–2945, 2022, ISBN: 9781450394505.
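% Conference paper. doi is the publisher record; url is a PDF copy hosted on datasec.whu.edu.cn.
% {EchoHand} is braced to keep its mixed case under sentence-casing styles; the percent sign
% in the abstract is escaped so TeX does not treat it as a comment start.
@inproceedings{WCH+22,
  author    = {Wu, Cong and Chen, Jing and He, Kun and Zhao, Ziming and Du, Ruiying and Zhang, Chen},
  title     = {{EchoHand}: High Accuracy and Presentation Attack Resistant Hand Authentication on Commodity Mobile Devices},
  booktitle = {Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security},
  pages     = {2931--2945},
  year      = {2022},
  date      = {2022-01-01},
  doi       = {10.1145/3548606.3560553},
  isbn      = {9781450394505},
  url       = {https://datasec.whu.edu.cn/wp-content/uploads/2023/08/EchoHand-High-Accuracy-and-Presentation-Attack-Resistant-Hand-Authentication-on-Commodity-Mobile-Devices.pdf},
  urldate   = {2022-01-01},
  abstract  = {Biometric authentication schemes, i.e., fingerprint and face authentication, raise serious privacy concerns. To alleviate such concerns, hand authentication has been proposed recently. However, existing hand authentication schemes use dedicated hardware, such as infrared or depth cameras, which are not available on commodity mobile devices. In this paper, we present EchoHand, a high accuracy and presentation attack resistant authentication scheme that complements camera-based 2-dimensional hand geometry recognition of one hand with active acoustic sensing of the other holding hand. EchoHand plays an inaudible acoustic signal using the speaker to actively sense the holding hand and collects the echoes using the microphone. EchoHand does not rely on any specialized hardware but uses the built-in speaker, microphone and camera. Moreover, EchoHand does not place more burdens on users than existing hand authentication methods. We conduct comprehensive experiments to evaluate the reliability and security of EchoHand. The results show that EchoHand has a low equal error rate of 2.45\% with as few as 10 training data points and it defeats presentation attacks.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {inproceedings}
}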
Wu, Cong; He, Kun; Chen, Jing; Zhao, Ziming; Du, Ruiying
Toward Robust Detection of Puppet Attacks via Characterizing Fingertip-Touch Behaviors Journal Article
In: IEEE Transactions on Dependable and Secure Computing, vol. 19, no. 6, pp. 4002–4018, 2022, ISSN: 1941-0018.
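% Journal article. doi is the publisher record; url is a PDF copy hosted on datasec.whu.edu.cn.
% Percent signs in the abstract are escaped so TeX does not treat them as comment starts.
@article{WHC+22a,
  author    = {Wu, Cong and He, Kun and Chen, Jing and Zhao, Ziming and Du, Ruiying},
  title     = {Toward Robust Detection of Puppet Attacks via Characterizing Fingertip-Touch Behaviors},
  journal   = {IEEE Transactions on Dependable and Secure Computing},
  volume    = {19},
  number    = {6},
  pages     = {4002--4018},
  year      = {2022},
  date      = {2022-01-01},
  doi       = {10.1109/TDSC.2021.3116552},
  issn      = {1941-0018},
  url       = {https://datasec.whu.edu.cn/wp-content/uploads/2023/08/Toward_Robust_Detection_of_Puppet_Attacks_via_Characterizing_Fingertip-Touch_Behaviors.pdf},
  urldate   = {2022-01-01},
  abstract  = {Fingerprint authentication has gained increasing popularity on mobile devices in recent years. However, it is vulnerable to presentation attacks, which include that an attacker spoofs with an artificial replica. Many liveness detection solutions have been proposed to defeat such presentation attacks; however, they all fail to defend against a particular type of presentation attack, namely puppet attack, in which an attacker places an unwilling victim's finger on the fingerprint sensor. In this article, we propose FinAuth, an effective and efficient software-only solution, to complement fingerprint authentication by defeating both synthetic spoofs and puppet attacks using fingertip-touch characteristics. FinAuth characterizes intrinsic fingertip-touch behaviors including the acceleration and the rotation angle of mobile devices when a legitimate user authenticates. FinAuth only utilizes common sensors equipped on mobile devices and does not introduce extra usability burdens on users. To evaluate the effectiveness of FinAuth, we carried out experiments on datasets collected from 90 subjects after the IRB approval. The results show that FinAuth can achieve the average balanced accuracy of 96.04\% with 5 training data points and 99.28\% with 100 training data points. Security experiments also demonstrate that FinAuth is resilient against possible attacks. In addition, we report the usability analysis results of FinAuth, including user authentication delay and overhead.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {article}
}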
Wang, Run; Li, Haoxuan; Mu, Lingzhou; Ren, Jixing; Guo, Shangwei; Liu, Li; Fang, Liming; Chen, Jing; Wang, Lina
Rethinking the Vulnerability of DNN Watermarking: Are Watermarks Robust against Naturalness-Aware Perturbations? Proceedings Article
In: Proceedings of the 30th ACM International Conference on Multimedia, pp. 1808–1818, Association for Computing Machinery, Lisboa, Portugal, 2022, ISBN: 9781450392037.
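% Conference paper. The url field previously held two newline-separated links; a url field
% must carry exactly one. The doi.org link duplicated the doi field and is dropped; the PDF
% copy on datasec.whu.edu.cn is kept. Pages use "--" instead of \textendash, {DNN} is braced
% against sentence-casing, percent signs in the abstract are escaped, and the code link in
% the abstract has its missing leading "h" restored.
@inproceedings{10.1145/3503161.3548390,
  author    = {Wang, Run and Li, Haoxuan and Mu, Lingzhou and Ren, Jixing and Guo, Shangwei and Liu, Li and Fang, Liming and Chen, Jing and Wang, Lina},
  title     = {Rethinking the Vulnerability of {DNN} Watermarking: Are Watermarks Robust against Naturalness-Aware Perturbations?},
  booktitle = {Proceedings of the 30th ACM International Conference on Multimedia},
  series    = {MM '22},
  pages     = {1808--1818},
  publisher = {Association for Computing Machinery},
  address   = {Lisboa, Portugal},
  year      = {2022},
  date      = {2022-01-01},
  doi       = {10.1145/3503161.3548390},
  isbn      = {9781450392037},
  url       = {https://datasec.whu.edu.cn/wp-content/uploads/2023/09/Rethinking-the-Vulnerability-of-DNN-Watermarking-Are-Watermarks-Robust-against-Naturalness-aware-Perturbations-.pdf},
  urldate   = {2022-01-01},
  abstract  = {Training Deep Neural Networks (DNN) is a time-consuming process and requires a large amount of training data, which motivates studies working on protecting the intellectual property (IP) of DNN models by employing various watermarking techniques. Unfortunately, in recent years, adversaries have been exploiting the vulnerabilities of the employed watermarking techniques to remove the embedded watermarks. In this paper, we investigate and introduce a novel watermark removal attack, called AdvNP, against all the existing four different types of DNN watermarking schemes via input preprocessing by injecting \underline{Adv}ersarial \underline{N}aturalness-aware \underline{P}erturbations. In contrast to the prior studies, our proposed method is the first work that generalizes all the existing four watermarking schemes well without involving any model modification, which preserves the fidelity of the target model. We conduct the experiments against four state-of-the-art (SOTA) watermarking schemes on two real tasks (e.g., image classification on ImageNet, face recognition on CelebA) across multiple DNN models. Overall, our proposed AdvNP significantly invalidates the watermarks against the four watermarking schemes on two real-world datasets, i.e., 60.9\% on the average attack success rate and up to 97\% in the worse case. Moreover, our AdvNP could well survive the image denoising techniques and outperforms the baseline in both the fidelity preserving and watermark removal. Furthermore, we introduce two defense methods to enhance the robustness of DNN watermarking against our AdvNP. Our experimental results pose real threats to the existing watermarking schemes and call for more practical and robust watermarking techniques to protect the copyright of pre-trained DNN models. The source code and models are available at https://github.com/GitKJ123/AdvNP.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {inproceedings}
}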
Wang, Run; Huang, Ziheng; Chen, Zhikai; Liu, Li; Chen, Jing; Wang, Lina
Anti-Forgery: Towards a Stealthy and Robust DeepFake Disruption Attack via Adversarial Perceptual-aware Perturbations Proceedings Article
In: De Raedt, Luc (Ed.): Proceedings of the Thirty-First International Joint Conference on Artificial Intelligence, IJCAI-22, pp. 761–767, International Joint Conferences on Artificial Intelligence Organization, 2022, ISBN: 978-1-956792-00-3, (Main Track).
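% Conference paper. The url field previously held two newline-separated links; the doi.org
% link duplicated the doi field and is dropped, leaving the PDF copy on datasec.whu.edu.cn.
% The editor is written in "von Last, First" form so "De Raedt" stays one surname (the
% first-name-first form parses as surname "Raedt"), with the given name spelled "Luc".
% Pages use "--" instead of \textendash; {DeepFake} and {IJCAI-22} are braced against recasing.
@inproceedings{Wang2022,
  author    = {Wang, Run and Huang, Ziheng and Chen, Zhikai and Liu, Li and Chen, Jing and Wang, Lina},
  title     = {Anti-Forgery: Towards a Stealthy and Robust {DeepFake} Disruption Attack via Adversarial Perceptual-aware Perturbations},
  editor    = {De Raedt, Luc},
  booktitle = {Proceedings of the Thirty-First International Joint Conference on Artificial Intelligence, {IJCAI-22}},
  pages     = {761--767},
  publisher = {International Joint Conferences on Artificial Intelligence Organization},
  year      = {2022},
  date      = {2022-01-01},
  doi       = {10.24963/ijcai.2022/107},
  isbn      = {978-1-956792-00-3},
  url       = {https://datasec.whu.edu.cn/wp-content/uploads/2023/09/Anti-Forgery-Towards-a-Stealthy-and-Robust-DeepFake-Disruption-Attack-via-Adversarial-Perceptual-aware-Perturbations.-.pdf},
  urldate   = {2022-01-01},
  abstract  = {DeepFake is becoming a real risk to society and brings potential threats to both individual privacy and political security due to the DeepFaked multimedia are realistic and convincing. However, the popular DeepFake passive detection is an ex-post forensics countermeasure and failed in blocking the disinformation spreading in advance. To address this limitation, researchers study the proactive defense techniques by adding adversarial noises into the source data to disrupt the DeepFake manipulation. However, the existing studies on proactive DeepFake defense via injecting adversarial noises are not robust, which could be easily bypassed by employing simple image reconstruction revealed in a recent study MagDR. In this paper, we investigate the vulnerability of the existing forgery techniques and propose a novel anti-forgery technique that helps users protect the shared facial images from attackers who are capable of applying the popular forgery techniques. Our proposed method generates perceptual-aware perturbations in an incessant manner which is vastly different from the prior studies by adding adversarial noises that is sparse. Experimental results reveal that our perceptual-aware perturbations are robust to diverse image transformations, especially the competitive evasion technique, MagDR via image reconstruction. Our findings potentially open up a new research direction towards thorough understanding and investigation of perceptual-aware adversarial attack for protecting facial images against DeepFakes in a proactive and robust manner. Code is available at https://github.com/AbstractTeen/AntiForgery.},
  note      = {Main Track},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {inproceedings}
}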
Yang, Yang; Chen, Yanjiao; Chen, Fei; Chen, Jing
An Efficient Identity-Based Provable Data Possession Protocol With Compressed Cloud Storage Journal Article
In: IEEE Transactions on Information Forensics and Security, vol. 17, pp. 1359-1371, 2022, ISSN: 1556-6021.
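% Journal article. doi is the publisher record; url is a PDF copy hosted on datasec.whu.edu.cn.
% The page range uses "--" so styles typeset an en dash rather than a hyphen.
@article{9733365,
  author    = {Yang, Yang and Chen, Yanjiao and Chen, Fei and Chen, Jing},
  title     = {An Efficient Identity-Based Provable Data Possession Protocol With Compressed Cloud Storage},
  journal   = {IEEE Transactions on Information Forensics and Security},
  volume    = {17},
  pages     = {1359--1371},
  year      = {2022},
  date      = {2022-01-01},
  doi       = {10.1109/TIFS.2022.3159152},
  issn      = {1556-6021},
  url       = {https://datasec.whu.edu.cn/wp-content/uploads/2023/09/An_Efficient_Identity-Based_Provable_Data_Possession_Protocol_With_Compressed_Cloud_Storage.pdf},
  urldate   = {2022-01-01},
  abstract  = {Cloud storage is more and more prevalent in practice, and thus how to check its integrity becomes increasingly essential. A classical solution is identity-based (ID-based) provable data possession (PDP), which supports certificateless cloud storage auditing without entire user data. However, existing ID-PDP protocols always require that cloud users outsource data blocks, authenticators and a small-sized file tag to the cloud, and make use of the heavy elliptic curve cryptography over bilinear pairing. These disadvantages would result in vast storage, communication, and computation costs, which is unexpected, especially for resource-limited cloud users. To improve the performance, this paper proposes a novel cryptographic primitive: ID-based PDP with compressed cloud storage. In this model, cloud storage auditing can be achieved by using only encrypted data blocks in a self-verified way, and original data blocks can be reconstructed from the outsourced data. Thus, data owners no longer need to store original data blocks on the cloud. We also use some basic algebraic operations to realize a concrete ID-based PDP protocol with compressed cloud storage, which is quite efficient due to no heavy cryptographic operations involved. The proposed protocol can easily be extended to support the other practical functions by using the primitive replacement technique. The proposed protocol is strictly proven to have the properties of correctness, privacy, unforgeability and detectability. Finally, we give plenty of theoretical analysis and experimental results to validate the efficiency of the proposed protocol.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {article}
}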
Yang, Yang; Chen, Yanjiao; Chen, Fei; Chen, Jing
Identity-Based Cloud Storage Auditing for Data Sharing With Access Control of Sensitive Information Journal Article
In: IEEE Internet of Things Journal, vol. 9, no. 13, pp. 10434-10445, 2022.
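% Journal article (no abstract recorded). doi is the publisher record; url is a PDF copy
% hosted on datasec.whu.edu.cn. The page range uses "--" so styles typeset an en dash.
@article{9583593,
  author    = {Yang, Yang and Chen, Yanjiao and Chen, Fei and Chen, Jing},
  title     = {Identity-Based Cloud Storage Auditing for Data Sharing With Access Control of Sensitive Information},
  journal   = {IEEE Internet of Things Journal},
  volume    = {9},
  number    = {13},
  pages     = {10434--10445},
  year      = {2022},
  date      = {2022-01-01},
  doi       = {10.1109/JIOT.2021.3121678},
  url       = {https://datasec.whu.edu.cn/wp-content/uploads/2024/03/Identity-Based_Cloud_Storage_Auditing_for_Data_Sharing_With_Access_Control_of_Sensitive_Information.pdf},
  urldate   = {2022-01-01},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {article}
}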
2021
Chen, Jing; Chen, Jiong; He, Kun; Du, Ruiying
SeCrowd: Efficient secure interactive crowdsourcing via permission-based signatures Journal Article
In: Future Generation Computer Systems, vol. 115, pp. 448–458, 2021.
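% Journal article. The url field previously held two newline-separated links, which is not
% a valid single URL. url now carries only the PDF copy on datasec.whu.edu.cn; the original
% plain-http publisher link is preserved verbatim in publisherurl, a field that styles ignore
% (the doi field identifies the publisher record). {SeCrowd} is braced against sentence-casing.
@article{CCHD21,
  author       = {Chen, Jing and Chen, Jiong and He, Kun and Du, Ruiying},
  title        = {{SeCrowd}: Efficient secure interactive crowdsourcing via permission-based signatures},
  journal      = {Future Generation Computer Systems},
  volume       = {115},
  pages        = {448--458},
  year         = {2021},
  date         = {2021-01-01},
  doi          = {10.1016/j.future.2020.09.033},
  url          = {https://datasec.whu.edu.cn/wp-content/uploads/2023/09/SeCrowd-Efficient-secure-interactive-crowdsourcing-via-permission-based-signatures-.pdf},
  publisherurl = {http://www.sciencedirect.com/science/article/pii/S0167739X20305264},
  urldate      = {2021-01-01},
  abstract     = {Crowdsourcing is a powerful paradigm to provide services by soliciting help from a pool of contributors. However, the security threats in crowdsourcing, especially in interactive crowdsourcing where contributors interact with each other for collaboration, are not well studied. External adversaries who may inject malicious results are the major concerns of all involved parties in crowdsourcing. In this paper, an efficient secure interactive crowdsourcing framework, called SeCrowd, is proposed to protect the authenticity in the crowdsourcing platform against external adversaries. The framework is characterized by a recently proposed cryptographic primitive, called permission-based signature, which reveals the signer’s identity to permissive verifiers only, while safeguards it against others. In this way, contributors can identify each other based on their signed contributions, but their identities remain unknown to other users. Moreover, users can verify whether the signed contributions are made by legal contributors without being aware of the actual signer’s identities, which guarantees that the contributions cannot be tampered or forged. We prove that SeCrowd achieves unforgeability in the random oracle model. Comprehensive analysis and experiments showed that our framework is secure and highly efficient in terms of computation and communication cost.},
  keywords     = {},
  pubstate     = {published},
  tppubtype    = {article}
}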
Chen, Jing; Wang, Chiheng; He, Kun; Zhao, Ziming; Chen, Min; Du, Ruiying; Ahn, Gail-Joon
Semantics-Aware Privacy Risk Assessment Using Self-Learning Weight Assignment for Mobile Apps Journal Article
In: IEEE Transactions on Dependable and Secure Computing, vol. 18, no. 1, pp. 15–29, 2021.
% Journal article. doi is the publisher record; url is a PDF copy hosted on datasec.whu.edu.cn.
@article{CWH+21,
  author    = {Chen, Jing and Wang, Chiheng and He, Kun and Zhao, Ziming and Chen, Min and Du, Ruiying and Ahn, Gail-Joon},
  title     = {Semantics-Aware Privacy Risk Assessment Using Self-Learning Weight Assignment for Mobile Apps},
  journal   = {IEEE Transactions on Dependable and Secure Computing},
  volume    = {18},
  number    = {1},
  pages     = {15--29},
  year      = {2021},
  date      = {2021-01-01},
  doi       = {10.1109/TDSC.2018.2871682},
  url       = {https://datasec.whu.edu.cn/wp-content/uploads/2023/08/Semantics-Aware_Privacy_Risk_Assessment_Using_Self-Learning_Weight_Assignment_for_Mobile_Apps.pdf},
  urldate   = {2021-01-01},
  abstract  = {Most of the existing mobile application (app) vetting mechanisms only estimate risks at a coarse-grained level by analyzing app syntax but not semantics. We propose a semantics-aware privacy risk assessment framework (SPRisk), which considers the sensitivity discrepancy of privacy-related factors at semantic level. Our framework can provide qualitative (i.e., risk level) and quantitative (i.e., risk score) assessment results, both of which help users make decisions to install an app or not. Furthermore, to find the reasonable weight distribution of each factor automatically, we exploit a self-learning weight assignment method, which is based on fuzzy clustering and knowledge dependency theory. We implement a prototype system and evaluate the effectiveness of SPRisk with 192,445 normal apps and 7,111 malicious apps. A measurement study further reveals some interesting findings, such as the privacy risk distribution of Google Play Store, the diversity of official and unofficial marketplaces, which provide insights into understanding the seriousness of privacy threat in the Android ecosystem.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {article}
}
He, Kun; Chen, Jing; Yuan, Quan; Ji, Shouling; He, Debiao; Du, Ruiying
Dynamic Group-Oriented Provable Data Possession in the Cloud Journal Article
In: IEEE Transactions on Dependable and Secure Computing, vol. 18, no. 3, pp. 1394–1408, 2021.
% Journal article. doi is the publisher record; url is a PDF copy hosted on datasec.whu.edu.cn.
@article{HCY+21,
  author    = {He, Kun and Chen, Jing and Yuan, Quan and Ji, Shouling and He, Debiao and Du, Ruiying},
  title     = {Dynamic Group-Oriented Provable Data Possession in the Cloud},
  journal   = {IEEE Transactions on Dependable and Secure Computing},
  volume    = {18},
  number    = {3},
  pages     = {1394--1408},
  year      = {2021},
  date      = {2021-01-01},
  doi       = {10.1109/TDSC.2019.2925800},
  url       = {https://datasec.whu.edu.cn/wp-content/uploads/2023/08/Dynamic_Group-Oriented_Provable_Data_Possession_in_the_Cloud.pdf},
  urldate   = {2021-01-01},
  abstract  = {As an important security property of cloud storage, data integrity has not been sufficiently studied under the multi-writer model, where a group of users work on shared files collaboratively and any group member can update the data by modification, insertion, and deletion operations. Existing works under such multi-writer model would bring large storage cost to the third-party verifiers. Furthermore, to the best of our knowledge, none of the existing works for shared files supports fully dynamic operations, which implies that users cannot freely perform the update operations. In this paper, we propose the first public auditing scheme for shared data that supports fully dynamic operations and achieves constant storage cost for the verifiers. Our scheme, named PRAYS, is boosted by a new paradigm for remote data integrity checking. To implement the new paradigm, we proposed a specially designed authenticated structure, called blockless Merkle tree, and a novel cryptographic primitive, called permission-based signature. Extensive evaluation demonstrates that PRAYS is as efficient as the existing less-functional solutions. We believe that PRAYS is an important step towards designing practical multi-writer cloud storage systems.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {article}
}
He, Kun; Chen, Jing; Zhou, Qinxi; Du, Ruiying; Xiang, Yang
Secure Dynamic Searchable Symmetric Encryption With Constant Client Storage Cost Journal Article
In: IEEE Transactions on Information Forensics and Security, vol. 16, pp. 1538–1549, 2021.
% Journal article. doi is the publisher record; url is a PDF copy hosted on datasec.whu.edu.cn.
@article{HCZ+21,
  author    = {He, Kun and Chen, Jing and Zhou, Qinxi and Du, Ruiying and Xiang, Yang},
  title     = {Secure Dynamic Searchable Symmetric Encryption With Constant Client Storage Cost},
  journal   = {IEEE Transactions on Information Forensics and Security},
  volume    = {16},
  pages     = {1538--1549},
  year      = {2021},
  date      = {2021-01-01},
  doi       = {10.1109/TIFS.2020.3033412},
  url       = {https://datasec.whu.edu.cn/wp-content/uploads/2023/08/Secure_Dynamic_Searchable_Symmetric_Encryption_With_Constant_Client_Storage_Cost.pdf},
  urldate   = {2021-01-01},
  abstract  = {Dynamic Searchable Symmetric Encryption (DSSE) enables users to search on the encrypted database stored on a semi-trusted server while keeping the search and update information under acceptable leakage. However, most existing DSSE schemes are not efficient enough in practice due to the complex structures and cryptographic primitives. Moreover, the storage cost on the client side grows linearly with the number of keywords in the database, which induces unaffordable storage cost when the size of keyword set is large. In this article, we focus on secure dynamic searchable symmetric encryption with constant client storage cost. Our framework is boosted by fish-bone chain, a novel two-level structure which consists of Logical Keyword Index Chain (LoKIC) and Document Index Chain (DIC). To instantiate the proposed framework, we propose a forward secure DSSE scheme, called CLOSE-F, and a forward and backward secure DSSE scheme, called CLOSE-FB. Experiments showed that the computation cost of CLOSE-F and CLOSE-FB are as efficient as the state-of-the-art solutions, while the storage costs on the client side are constant in both CLOSE-F and CLOSE-FB, which are much smaller than existing schemes.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {article}
}
Jia, Meng; He, Kun; Chen, Jing; Du, Ruiying; Chen, Weihang; Tian, Zhihong; Ji, Shouling
PROCESS: Privacy-Preserving On-Chain Certificate Status Service Proceedings Article
In: IEEE INFOCOM 2021 - IEEE Conference on Computer Communications, pp. 1–10, 2021.
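% Conference paper. doi is the publisher record; url is a PDF copy hosted on datasec.whu.edu.cn.
% {PROCESS} is braced so sentence-casing styles do not lowercase the system name.
@inproceedings{JHC+21,
  author    = {Jia, Meng and He, Kun and Chen, Jing and Du, Ruiying and Chen, Weihang and Tian, Zhihong and Ji, Shouling},
  title     = {{PROCESS}: Privacy-Preserving On-Chain Certificate Status Service},
  booktitle = {IEEE INFOCOM 2021 - IEEE Conference on Computer Communications},
  pages     = {1--10},
  year      = {2021},
  date      = {2021-01-01},
  doi       = {10.1109/INFOCOM42981.2021.9488858},
  url       = {https://datasec.whu.edu.cn/wp-content/uploads/2023/08/PROCESS_Privacy-Preserving_On-Chain_Certificate_Status_Service.pdf},
  urldate   = {2021-01-01},
  abstract  = {Clients (e.g., browsers) and servers require public key certificates to establish secure connections. When a client accesses a server, it needs to check the signature, expiration time, and revocation status of the certificate to determine whether the server is reliable. The existing solutions for checking certificate status either have a long update cycle (e.g., CRL, CRLite) or violate clients’ privacy (e.g., OCSP, CCSP), and these solutions also have the problem of trust concentration. In this paper, we present PROCESS, an online privacy-preserving on-chain certificate status service based on the blockchain architecture, which can ensure decentralized trust and provide privacy protection for clients. Specifically, we design Counting Garbled Bloom Filter (CGBF) that supports efficient queries and BlockOriented Revocation List (BORL) to update CGBF timely in the blockchain. With CGBF, we design a privacy-preserving protocol to protect clients’ privacy when they check the certificate statuses from the blockchain nodes. Finally, we conduct experiments and compare PROCESS with another blockchain-based solution to demonstrate that PROCESS is suitable in practice.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {inproceedings}
}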
Chen, Jing; Jiang, Peidong; He, Kun; Zeng, Cheng; Du, Ruiying
HIAWare: Speculate Handwriting on Mobile Devices with Built-In Sensors Proceedings Article
In: Information and Communications Security, pp. 136–152, 2021.
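% Conference paper. doi is the publisher record; url is a PDF copy hosted on datasec.whu.edu.cn.
% {HIAWare} is braced against sentence-casing; in the abstract the missing space after
% "attention." is restored and the percent sign is escaped so TeX does not read it as a comment.
@inproceedings{CJH+21,
  author    = {Chen, Jing and Jiang, Peidong and He, Kun and Zeng, Cheng and Du, Ruiying},
  title     = {{HIAWare}: Speculate Handwriting on Mobile Devices with Built-In Sensors},
  booktitle = {Information and Communications Security},
  pages     = {136--152},
  year      = {2021},
  date      = {2021-01-01},
  doi       = {10.1007/978-3-030-86890-1_8},
  url       = {https://datasec.whu.edu.cn/wp-content/uploads/2023/08/HIAWare-Speculate-Handwriting-on-Mobile-Devices-with-Built-In-Sensors.pdf},
  urldate   = {2021-01-01},
  abstract  = {A variety of sensors are built into intelligent mobile devices. However, these sensors can be used as side channels for inferring information. Researchers have shown that some touchscreen information, such as PIN and unlock pattern, can be speculated by background applications with motion sensors. Those attacks mainly focus on the restricted-area input interface (e.g., virtual keyboard). To date, the privacy risk in the unrestricted-area input interface does not receive sufficient attention. In this paper, we investigate such privacy risk and design an unrestricted-area information speculation framework, called Handwritten Information Awareness (HIAWare). HIAWare exploits the sensors’ signals that are affected by handwriting actions to speculate the handwritten characters. To alleviate the impact of different handwriting habits, we utilize the generality patterns of characters. Furthermore, to mitigate the impact of holding posture in handwriting, we propose a user-independent posture-aware approach. As a result, HIAWare can attack any victim without obtaining the victim’s information in advance. The experiments show that the speculation accuracy of HIAWare is close to 90.0\%, demonstrating the viability of HIAWare.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {inproceedings}
}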
Shen, Lujia; Ji, Shouling; Zhang, Xuhong; Li, Jinfeng; Chen, Jing; Shi, Jie; Fang, Chengfang; Yin, Jianwei; Wang, Ting
Backdoor Pre-Trained Models Can Transfer to All Proceedings Article
In: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, pp. 3141–3158, 2021.
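% Conference paper. The url field previously held two newline-separated links, which is not
% a valid single URL. The doi.org link duplicated the doi field and is dropped; url now
% carries only the PDF copy hosted on datasec.whu.edu.cn.
@inproceedings{SJZ+21,
  author    = {Shen, Lujia and Ji, Shouling and Zhang, Xuhong and Li, Jinfeng and Chen, Jing and Shi, Jie and Fang, Chengfang and Yin, Jianwei and Wang, Ting},
  title     = {Backdoor Pre-Trained Models Can Transfer to All},
  booktitle = {Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security},
  pages     = {3141--3158},
  year      = {2021},
  date      = {2021-01-01},
  doi       = {10.1145/3460120.3485370},
  url       = {https://datasec.whu.edu.cn/wp-content/uploads/2023/09/Backdoor-Pre-Trained-Models-Can-Transfer-to-All.pdf},
  urldate   = {2021-01-01},
  abstract  = {Pre-trained general-purpose language models have been a dominating component in enabling real-world natural language processing (NLP) applications. However, a pre-trained model with backdoor can be a severe threat to the applications. Most existing backdoor attacks in NLP are conducted in the fine-tuning phase by introducing malicious triggers in the targeted class, thus relying greatly on the prior knowledge of the fine-tuning task. In this paper, we propose a new approach to map the inputs containing triggers directly to a predefined output representation of the pre-trained NLP models, e.g., a predefined output representation for the classification token in BERT, instead of a target label. It can thus introduce backdoor to a wide range of downstream tasks without any prior knowledge. Additionally, in light of the unique properties of triggers in NLP, we propose two new metrics to measure the performance of backdoor attacks in terms of both effectiveness and stealthiness. Our experiments with various types of triggers show that our method is widely applicable to different fine-tuning tasks (classification and named entity recognition) and to different models (such as BERT, XLNet, BART), which poses a severe threat. Furthermore, by collaborating with the popular online model repository Hugging Face, the threat brought by our method has been confirmed. Finally, we analyze the factors that may affect the attack performance and share insights on the causes of the success of our backdoor attack.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {inproceedings}
}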
Wang, Mei; He, Kun; Chen, Jing; Li, Zengpeng; Zhao, Wei; Du, Ruiying
Biometrics-Authenticated Key Exchange for Secure Messaging Proceedings Article
In: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security, pp. 2618–2631, 2021.
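% url: the https://doi.org/ link duplicated the doi field and is dropped; url keeps the hosted PDF only.
@inproceedings{WHC+21,
  author    = {Wang, Mei and He, Kun and Chen, Jing and Li, Zengpeng and Zhao, Wei and Du, Ruiying},
  title     = {Biometrics-Authenticated Key Exchange for Secure Messaging},
  booktitle = {Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security},
  series    = {CCS '21},
  pages     = {2618--2631},
  year      = {2021},
  date      = {2021-01-01},
  doi       = {10.1145/3460120.3484746},
  url       = {https://datasec.whu.edu.cn/wp-content/uploads/2023/09/Biometrics-Authenticated-Key-Exchange-for-Secure-Messaging-.pdf},
  urldate   = {2021-01-01},
  abstract  = {Secure messaging heavily relies on a session key negotiated by an Authenticated Key Exchange (AKE) protocol. However, existing AKE protocols only verify the existence of a random secret key (corresponding to a certificated public key) stored in the terminal, rather than a legal user who uses the messaging application. In this paper, we propose a Biometrics-Authenticated Key Exchange (BAKE) framework, in which a secret key is derived from a user's biometric characteristics that are not necessary to be stored. To protect the privacy of users' biometric characteristics and realize one-round key exchange, we present an Asymmetric Fuzzy Encapsulation Mechanism (AFEM) to encapsulate messages with a public key derived from a biometric secret key, such that only a similar secret key can decapsulate them. To manifest the practicality, we present two AFEM constructions for two types of biometric secret keys and instantiate them with irises and fingerprints, respectively. We perform security analysis of BAKE and show its performance through extensive experiments.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {inproceedings},
}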
Qian, Yongfeng; Ma, Yujun; Chen, Jing; Wu, Di; Tian, Daxin; Hwang, Kai
Optimal Location Privacy Preserving and Service Quality Guaranteed Task Allocation in Vehicle-Based Crowdsensing Networks Journal Article
In: IEEE Transactions on Intelligent Transportation Systems, vol. 22, no. 7, pp. 4367-4375, 2021, ISSN: 1558-0016.
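@article{9477299,
  author    = {Qian, Yongfeng and Ma, Yujun and Chen, Jing and Wu, Di and Tian, Daxin and Hwang, Kai},
  title     = {Optimal Location Privacy Preserving and Service Quality Guaranteed Task Allocation in Vehicle-Based Crowdsensing Networks},
  journal   = {IEEE Transactions on Intelligent Transportation Systems},
  volume    = {22},
  number    = {7},
  pages     = {4367--4375},
  year      = {2021},
  date      = {2021-01-01},
  doi       = {10.1109/TITS.2021.3086837},
  issn      = {1558-0016},
  url       = {https://datasec.whu.edu.cn/wp-content/uploads/2023/09/Optimal_Location_Privacy_Preserving_and_Service_Quality_Guaranteed_Task_Allocation_in_Vehicle-Based_Crowdsensing_Networks.pdf},
  urldate   = {2021-01-01},
  abstract  = {With increasing popularity of related applications of mobile crowdsensing, especially in the field of Internet of Vehicles (IoV), task allocation has attracted wide attention. How to select appropriate participants is a key problem in vehicle-based crowdsensing networks. Some traditional methods choose participants based on minimizing distance, which requires participants to submit their current locations. In this case, participants' location privacy is violated, which influences disclosure of participants' sensitive information. Many privacy preserving task allocation mechanisms have been proposed to encourage users to participate in mobile crowdsensing. However, most of them assume that different participants' task completion quality is the same, which is not reasonable in reality. In this paper, we propose an optimal location privacy preserving and service quality guaranteed task allocation in vehicle-based crowdsensing networks. Specifically, we utilize differential privacy to preserve participants' location privacy, where every participant can submit the obfuscated location to the platform instead of the real one. Based on the obfuscated locations, we design an optimal problem to minimize the moving distance and maximize the task completion quality simultaneously. In order to solve this problem, we decompose it into two linear optimization problems. We conduct extensive experiments to demonstrate the effectiveness of our proposed mechanism.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {article},
}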
Wang, Xiao; Wang, Zheng; Liu, Wu; Xu, Xin; Chen, Jing; Lin, Chia-Wen
Consistency-Constancy Bi-Knowledge Learning for Pedestrian Detection in Night Surveillance Proceedings Article
In: Proceedings of the 29th ACM International Conference on Multimedia, pp. 4463–4471, Association for Computing Machinery, Virtual Event, China, 2021, ISBN: 9781450386517.
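% url: the https://doi.org/ link duplicated the doi field and is dropped, along with the stray trailing newline.
% pages: \textendash replaced by the plain "--" range form.
@inproceedings{Wang2021,
  author    = {Wang, Xiao and Wang, Zheng and Liu, Wu and Xu, Xin and Chen, Jing and Lin, Chia-Wen},
  title     = {Consistency-Constancy Bi-Knowledge Learning for Pedestrian Detection in Night Surveillance},
  booktitle = {Proceedings of the 29th ACM International Conference on Multimedia},
  series    = {MM '21},
  pages     = {4463--4471},
  publisher = {Association for Computing Machinery},
  address   = {Virtual Event, China},
  year      = {2021},
  date      = {2021-01-01},
  doi       = {10.1145/3474085.3475599},
  isbn      = {9781450386517},
  url       = {https://datasec.whu.edu.cn/wp-content/uploads/2023/09/Consistency-Constancy-Bi-Knowledge-Learning-for-Pedestrian-Detection-in-Night-Surveillance.pdf},
  urldate   = {2021-01-01},
  abstract  = {Pedestrian detection in the night surveillance is a challenging yet not largely explored task. As the success of the detector in the daytime surveillance and the convenient acquisition of all-weather data, we learn knowledge from these data to benefit pedestrian detection in night surveillance. We find two key properties of surveillance: distribution cross-time consistency and background cross-frame constancy. This paper proposes a consistency-constancy bi-knowledge learning (CCBL) for pedestrian detection in night surveillance, which is able to simultaneously achieve the night pedestrian detection's useful knowledge, coming from day and night surveillance. Firstly, based on the robustness of the existing detector in day surveillance, we obtain pedestrians' distribution in the daytime scene using the detector's detection results in the daytime scene. Based on the consistency of pedestrians' distribution during the day and night in the same scene, the pedestrian distribution from daytime is used as the consistency-knowledge for pedestrian detection in night surveillance. Secondly, the background as a constant knowledge of the surveillance scene is extractable and contributes to the division of the foreground, which contains most of the pedestrian regions and helps in pedestrian detection for night surveillance. Finally, we add bi-knowledge representation to promote each other and merge them together as the final pedestrian representation. Through extensive experiments, our CCBL significantly outperforms the state-of-the-art methods on public pedestrian detection datasets. In the NightSurveillance dataset, CCBL reduced the average missed detection rate by 3.04% compared to the existing best method.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {inproceedings},
}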
2020
Chen, Jiong; He, Kun; Chen, Jing; Fang, Yingying; Du, Ruiying
PowerPrint: Identifying Smartphones through Power Consumption of the Battery Journal Article
In: Security and Communication Networks, vol. 2020, pp. e3893106, 2020, ISSN: 1939-0114.
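% NOTE(review): url holds two newline-separated links (publisher page and hosted PDF), kept as given;
% standard styles expect a single URL per field. pages carries what looks like an article ID, not a range.
@article{CHC+20,
  author    = {Chen, Jiong and He, Kun and Chen, Jing and Fang, Yingying and Du, Ruiying},
  title     = {{PowerPrint}: Identifying Smartphones through Power Consumption of the Battery},
  journal   = {Security and Communication Networks},
  volume    = {2020},
  pages     = {e3893106},
  publisher = {Hindawi},
  year      = {2020},
  date      = {2020-11-01},
  doi       = {10.1155/2020/3893106},
  issn      = {1939-0114},
  url       = {https://www.hindawi.com/journals/scn/2020/3893106/
https://datasec.whu.edu.cn/wp-content/uploads/2023/09/PowerPrint-Identifying-Smartphones-through-Power-Consumption-of-the-Battery.pdf},
  urldate   = {2020-11-01},
  abstract  = {Device fingerprinting technologies are widely employed in smartphones. However, the features used in existing schemes may bring the privacy disclosure problems because of their fixed and invariable nature (such as IMEI and OS version), or the draconian of their experimental conditions may lead to a large reduction in practicality. Finding a new, secure, and effective smartphone fingerprint is, however, a surprisingly challenging task due to the restrictions on technology and mobile phone manufacturers. To tackle this challenge, we propose a battery-based fingerprinting method, named PowerPrint, which captures the feature of power consumption rather than invariable information of the battery. Furthermore, power consumption information can be easily obtained without strict conditions. We design an unsupervised learning-based algorithm to fingerprint the battery, which is stimulated with different power consumption of tasks to improve the performance. We use 15 smartphones to evaluate the performance of PowerPrint in both laboratory and public conditions. The experimental results indicate that battery fingerprint can be efficiently used to identify smartphones with low overhead. At the same time, it will not bring privacy problems, since the power consumption information is changing in real time.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {article},
}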
Li, Jiping; Zhang, Ning; Ni, Jianbing; Chen, Jing; Du, Ruiying
Secure and Lightweight Authentication with Key Agreement for Smart Wearable Systems Journal Article
In: IEEE Internet of Things Journal, pp. 1–1, 2020.
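% NOTE(review): pages 1--1 with no volume/number looks like an early-access placeholder; confirm against the DOI record.
@article{LZN+20,
  author    = {Li, Jiping and Zhang, Ning and Ni, Jianbing and Chen, Jing and Du, Ruiying},
  title     = {Secure and Lightweight Authentication with Key Agreement for Smart Wearable Systems},
  journal   = {IEEE Internet of Things Journal},
  pages     = {1--1},
  year      = {2020},
  date      = {2020-01-01},
  doi       = {10.1109/JIOT.2020.2984618},
  url       = {https://datasec.whu.edu.cn/wp-content/uploads/2020/04/LZN20-Secure-and-Lightweight-Authentication-with-Key-Agreement-for-Smart-Wearable-Systems.pdf},
  abstract  = {Nowadays, an increasing number of wearable devices have been widely deployed in smart wearable systems to collect health status measures and body information of users. Due to the openness of wireless transmission and the low capabilities of wearable devices in terms of energy and computation, it is of a great challenge to ensure the security of the users’ physiological information. In this paper, we propose a secure and lightweight authentication and key agreement scheme (SLAKA) by using the fuzzy extractor, the cryptographic hash function and the bitwise exclusive-or operation. In SLAKA, mutual authentication between a wearable device (WD) and the mobile terminal (MT) can be achieved, after that, a session key can be negotiated at both ends for future secure communications. Detailed security analysis shows that SLAKA has the resilience against various well-known attacks, such as replay attacks, stolen/lost MT/WD attacks, man-in-the-middle attacks, MT/WD impersonation attacks, password change attacks, anonymity \& untraceability attacks, and privileged-insider attacks. Through performance comparison and extensive simulation, SLAKA is demonstrated to be more efficient than the existing schemes, while providing more extractive features and security guarantees.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {article},
}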
Ji, Shouling; Gu, Qinchen; Weng, Haiqin; Liu, Qianjun; Zhou, Pan; Chen, Jing; Li, Zhao; Beyah, Raheem; Wang, Ting
De-Health: All Your Online Health Information Are Belong to Us Proceedings Article
In: 2020 IEEE 36th International Conference on Data Engineering (ICDE), pp. 1609–1620, 2020.
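@inproceedings{JGW+20,
  author    = {Ji, Shouling and Gu, Qinchen and Weng, Haiqin and Liu, Qianjun and Zhou, Pan and Chen, Jing and Li, Zhao and Beyah, Raheem and Wang, Ting},
  title     = {{De-Health}: All Your Online Health Information Are Belong to Us},
  booktitle = {2020 IEEE 36th International Conference on Data Engineering (ICDE)},
  pages     = {1609--1620},
  year      = {2020},
  date      = {2020-01-01},
  doi       = {10.1109/ICDE48307.2020.00143},
  url       = {https://datasec.whu.edu.cn/wp-content/uploads/2020/07/JGW20-De-Health_-All-Your-Online-Health-Information-Are-Belong-to-Us.pdf},
  abstract  = {In this paper, we study the privacy of online health data. We present a novel online health data De-Anonymization (DA) framework, named De-Health. Leveraging two real world online health datasets WebMD and HealthBoards, we validate the DA efficacy of De-Health. We also present a linkage attack framework which can link online health/medical information to real world people. Through a proof-of-concept attack, we link 347 out of 2805 WebMD users to real world people, and find the full names, medical/health information, birthdates, phone numbers, and other sensitive information for most of the re-identified users. This clearly illustrates the fragility of the privacy of those who use online health forums.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {inproceedings},
}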
Wu, Cong; He, Kun; Chen, Jing; Zhao, Ziming; Du, Ruiying
Liveness is Not Enough: Enhancing Fingerprint Authentication with Behavioral Biometrics to Defeat Puppet Attacks Proceedings Article
In: 29th USENIX Security Symposium (USENIX Security 20), pp. 2219–2236, USENIX Association, 2020, ISBN: 978-1-939133-17-5.
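% NOTE(review): url holds two newline-separated links (hosted PDF and the USENIX presentation page), kept as given;
% the entry has no doi field, so neither link is redundant.
@inproceedings{WHC+20,
  author    = {Wu, Cong and He, Kun and Chen, Jing and Zhao, Ziming and Du, Ruiying},
  title     = {Liveness is Not Enough: Enhancing Fingerprint Authentication with Behavioral Biometrics to Defeat Puppet Attacks},
  booktitle = {29th USENIX Security Symposium (USENIX Security 20)},
  pages     = {2219--2236},
  publisher = {USENIX Association},
  year      = {2020},
  date      = {2020-01-01},
  isbn      = {978-1-939133-17-5},
  url       = {https://datasec.whu.edu.cn/wp-content/uploads/2020/08/WHC20-Liveness-Is-Not-Enough_-Enhancing-Fingerprint-Authentication-with-Behavioral-Biometrics-to-Defeat-Puppet-Attacks.pdf
https://www.usenix.org/conference/usenixsecurity20/presentation/wu},
  urldate   = {2020-01-01},
  abstract  = {Fingerprint authentication has gained increasing popularity on mobile devices in recent years. However, it is vulnerable to presentation attacks, which include that an attacker spoofs with an artificial replica. Many liveness detection solutions have been proposed to defeat such presentation attacks; however, they all fail to defend against a particular type of presentation attack, namely puppet attack, in which an attacker places an unwilling victim’s finger on the fingerprint sensor. In this paper, we propose FINAUTH, an effective and efficient software-only solution, to complement fingerprint authentication by defeating both synthetic spoofs and puppet attacks using fingertip-touch characteristics. FINAUTH characterizes intrinsic fingertip-touch behaviors including the acceleration and the rotation angle of mobile devices when a legitimate user authenticates. FINAUTH only utilizes common sensors equipped on mobile devices and does not introduce extra usability burdens on users. To evaluate the effectiveness of FINAUTH, we carried out experiments on datasets collected from 90 subjects after the IRB approval. The results show that FINAUTH can achieve the average balanced accuracy of 96.04% with 5 training data points and 99.28% with 100 training data points. Security experiments also demonstrate that FINAUTH is resilient against possible attacks. In addition, we report the usability analysis results of FINAUTH, including user authentication delay and overhead.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {inproceedings},
}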
Chen, Jing; He, Kun; Deng, Lan; Yuan, Quan; Du, Ruiying; Xiang, Yang; Wu, Jie
EliMFS: Achieving Efficient, Leakage-Resilient, and Multi-Keyword Fuzzy Search on Encrypted Cloud Data Journal Article
In: IEEE Transactions on Services Computing, vol. 13, no. 6, pp. 1072–1085, 2020.
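@article{CHD+20,
  author    = {Chen, Jing and He, Kun and Deng, Lan and Yuan, Quan and Du, Ruiying and Xiang, Yang and Wu, Jie},
  title     = {{EliMFS}: Achieving Efficient, Leakage-Resilient, and Multi-Keyword Fuzzy Search on Encrypted Cloud Data},
  journal   = {IEEE Transactions on Services Computing},
  volume    = {13},
  number    = {6},
  pages     = {1072--1085},
  year      = {2020},
  date      = {2020-01-01},
  doi       = {10.1109/TSC.2017.2765323},
  url       = {https://datasec.whu.edu.cn/wp-content/uploads/2023/08/EliMFS_Achieving_Efficient_Leakage-Resilient_and_Multi-Keyword_Fuzzy_Search_on_Encrypted_Cloud_Data.pdf},
  urldate   = {2020-01-01},
  abstract  = {Motivated by privacy preservation requirements for outsourced data, keyword searches over encrypted cloud data have become a hot topic. Compared to single-keyword exact searches, multi-keyword fuzzy search schemes attract more attention because of their improvements in search accuracy, typo tolerance, and user experience in general. However, existing multi-keyword fuzzy search solutions are not sufficiently efficient when the file set in the cloud is large. To address this, we propose an Efficient Leakage-resilient Multi-keyword Fuzzy Search (EliMFS) framework over encrypted cloud data. In this framework, a novel two-stage index structure is exploited to ensure that search time is independent of file set size. The multi-keyword fuzzy search function is achieved through a delicate design based on the Gram Counting Order, the Bloom filter, and the Locality-Sensitive Hashing. Furthermore, considering the leakages caused by the two-stage index structure, we propose two specific schemes to resist these potential attacks in different threat models. Extensive analysis and experiments show that our schemes are highly efficient and leakage-resilient.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {article},
}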
Chen, Min; Qian, Yongfeng; Chen, Jing; Hwang, Kai; Mao, Shiwen; Hu, Long
Privacy Protection and Intrusion Avoidance for Cloudlet-Based Medical Data Sharing Journal Article
In: IEEE Transactions on Cloud Computing, vol. 8, no. 4, pp. 1274–1283, 2020.
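@article{CQC+20,
  author    = {Chen, Min and Qian, Yongfeng and Chen, Jing and Hwang, Kai and Mao, Shiwen and Hu, Long},
  title     = {Privacy Protection and Intrusion Avoidance for Cloudlet-Based Medical Data Sharing},
  journal   = {IEEE Transactions on Cloud Computing},
  volume    = {8},
  number    = {4},
  pages     = {1274--1283},
  year      = {2020},
  date      = {2020-01-01},
  doi       = {10.1109/TCC.2016.2617382},
  url       = {https://datasec.whu.edu.cn/wp-content/uploads/2023/08/Privacy_Protection_and_Intrusion_Avoidance_for_Cloudlet-Based_Medical_Data_Sharing.pdf},
  urldate   = {2020-01-01},
  abstract  = {With the popularity of wearable devices, along with the development of clouds and cloudlet technology, there has been increasing need to provide better medical care. The processing chain of medical data mainly includes data collection, data storage and data sharing, etc. Traditional healthcare system often requires the delivery of medical data to the cloud, which involves users’ sensitive information and causes communication energy consumption. Practically, medical data sharing is a critical and challenging issue. Thus in this paper, we build up a novel healthcare system by utilizing the flexibility of cloudlet. The functions of cloudlet include privacy protection, data sharing and intrusion detection. In the stage of data collection, we first utilize Number Theory Research Unit (NTRU) method to encrypt user's body data collected by wearable devices. Those data will be transmitted to nearby cloudlet in an energy efficient fashion. Second, we present a new trust model to help users to select trustable partners who want to share stored data in the cloudlet. The trust model also helps similar patients to communicate with each other about their diseases. Third, we divide users’ medical data stored in remote cloud of hospital into three parts, and give them proper protection. Finally, in order to protect the healthcare system from malicious attacks, we develop a novel collaborative intrusion detection system (IDS) method based on cloudlet mesh, which can effectively prevent the remote healthcare big data cloud from attacks. Our experiments demonstrate the effectiveness of the proposed scheme.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {article},
}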
Song, Wenna; Jiang, Ming; Yan, Han; Xiang, Yi; Chen, Yuan; Luo, Yuan; He, Kun; Peng, Guojun
Android Data-Clone Attack via Operating System Customization Journal Article
In: IEEE Access, vol. 8, pp. 199733–199746, 2020.
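@article{SJY+20,
  author    = {Song, Wenna and Jiang, Ming and Yan, Han and Xiang, Yi and Chen, Yuan and Luo, Yuan and He, Kun and Peng, Guojun},
  title     = {Android Data-Clone Attack via Operating System Customization},
  journal   = {IEEE Access},
  volume    = {8},
  pages     = {199733--199746},
  year      = {2020},
  date      = {2020-01-01},
  doi       = {10.1109/ACCESS.2020.3035089},
  url       = {https://datasec.whu.edu.cn/wp-content/uploads/2023/08/Android_Data-Clone_Attack_via_Operating_System_Customization.pdf},
  urldate   = {2020-01-01},
  abstract  = {To avoid the inconvenience of retyping a user's ID and password, most mobile apps now provide the automatic login feature for a better user experience. To this end, auto-login credential is stored locally on the smartphone. However, such sensitive credential can be stolen by attackers and placed into their smartphones via the well-known credential-clone attack. Then, attackers can imperceptibly log into the victim's account, which causes more devastating and covert losses than merely intercepting the user's password. In this article, we propose a generalized Android credential-clone attack, called data-clone attack. By exploiting the new-found vulnerabilities of original equipment manufacturer (OEM)-made phone clone apps, we design an identity theft method that overcomes the problem of incomplete credential extraction and eliminates the requirement of root authority. To evade the consistency check of device-specific attributes in apps, we design two environment customization methods for app-level and operating system (OS)-level, respectively. Especially, we develop a transparent Android OS customization solution, named CloneDroid, which simulates 101 special attributes of Android OS. We implement a prototype of CloneDroid and the experimental results show that 172 out of 175 most-downloaded apps' accounts can be jeopardized, such as Facebook and WeChat. Moreover, our study has identified 18 confirmed zero-day vulnerabilities. Our findings paint a cautionary tale for the security community that billions of accounts are potentially exposed to Android OS customization-assisted data-clone attacks.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {article},
}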
Wu, Cong; He, Kun; Chen, Jing; Du, Ruiying; Xiang, Yang
CaIAuth: Context-Aware Implicit Authentication When the Screen Is Awake Journal Article
In: IEEE Internet of Things Journal, vol. 7, no. 12, pp. 11420–11430, 2020.
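@article{WHC+20a,
  author    = {Wu, Cong and He, Kun and Chen, Jing and Du, Ruiying and Xiang, Yang},
  title     = {{CaIAuth}: Context-Aware Implicit Authentication When the Screen Is Awake},
  journal   = {IEEE Internet of Things Journal},
  volume    = {7},
  number    = {12},
  pages     = {11420--11430},
  year      = {2020},
  date      = {2020-01-01},
  doi       = {10.1109/JIOT.2020.3006870},
  url       = {https://datasec.whu.edu.cn/wp-content/uploads/2023/08/CaIAuth_Context-Aware_Implicit_Authentication_When_the_Screen_Is_Awake.pdf},
  urldate   = {2020-01-01},
  abstract  = {Relieving users from the burden of remembering and inputting authentication information explicitly, such as passwords/PINs and lock patterns, implicit authentication mechanisms have gained an increasing concern. When providing authentication, the existing implicit methods only depend on a specific behavior, such as typing on the screen, performing gestures, or taking a walk. However, in real applications, a user’s behavioral characteristics are also decided by the context where behavior is performed. Thus, those existing methods show limited authentication accuracy and usability. To address these issues, we propose CaIAuth, a reliable context-aware implicit authentication framework, which profiles users’ behavior and context characteristics in a holistic fashion. It observes the states of context-sensing entities for different smartphone usage patterns and builds a context-aware model to distinguish between legitimate users and illegal ones. We conducted extensive experiments to evaluate system performance with a large data set collected from 142 subjects. The experimental results show that our system achieves a low equal error rate (EER) (e.g., less 7%) and is resilient against common threats, including zero-effect attack and mimicry attack. In addition, CaIAuth achieves a low authentication delay and overhead.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {article},
}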
2019
Yao, Shixiong; Chen, Jing; He, Kun; Du, Ruiying; Zhu, Tianqing; Chen, Xin
PBCert: Privacy-Preserving Blockchain-Based Certificate Status Validation Toward Mass Storage Management Journal Article
In: IEEE Access, vol. 7, pp. 6117–6128, 2019.
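% NOTE(review): url is plain http on csp.whu.edu.cn, unlike the https datasec.whu.edu.cn links used by the
% neighbouring entries; confirm the link still resolves and prefer the doi as the authoritative reference.
@article{YCH+19,
  author    = {Yao, Shixiong and Chen, Jing and He, Kun and Du, Ruiying and Zhu, Tianqing and Chen, Xin},
  title     = {{PBCert}: Privacy-Preserving Blockchain-Based Certificate Status Validation Toward Mass Storage Management},
  journal   = {IEEE Access},
  volume    = {7},
  pages     = {6117--6128},
  year      = {2019},
  date      = {2019-01-01},
  doi       = {10.1109/ACCESS.2018.2889898},
  url       = {http://csp.whu.edu.cn/wp-content/uploads/2019/05/YCH19-PBCert-Privacy-Preserving-Blockchain-Based-Certificate-Status-Validation-toward-Mass-Storage-Management.pdf},
  abstract  = {In the recent years, the vulnerabilities of conventional public key infrastructure are exposed by the real-world attacks, such as the certificate authority’s single-point-of-failure or clients’ private information leakage. Aimed at the first issue, one type of approach is that multiple entities are introduced to assist the certificate operations, including registration, update, and revocation. However, it is inefficient in computation. Another type is to make the certificate information publicly visible by bringing in the log servers. Nevertheless, the data synchronization among log servers may lead to network latency. Based on the second approach, the blockchain-based public key infrastructure schemes are proposed. Through these type of schemes, all the certificate operations are stored in the blockchain for public audit. However, the issue of revoked certificates’ status storage is worth paying attention, especially in the setting with massive certificates. In addition, the target web server that a client wants to access is exposed in the process of certificate status validation. In this paper, we propose a privacy-preserving blockchain-based certificate status validation scheme called PBCert to solve these two issues. First, we separate the revoked certificates control and storage plane. Only the minimal control information (namely, certificate hashes and related operation block height) is stored in the blockchain and it uses external data stores for the detailed information about all revoked certificates. Second, we design an obscure response to the clients’ certificate status query for the purpose of privacy preserving. Through the security analysis and experiment evaluation, our scheme is significant in practice.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {article},
}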
Hu, Long; Qian, Yongfeng; Chen, Jing; Shi, Xiaobo; Zhang, Jing; Mao, Shiwen
Photo Crowdsourcing Based Privacy-Protected Healthcare Journal Article
In: IEEE Transactions on Sustainable Computing, vol. 4, no. 2, pp. 168–177, 2019.
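@article{HQC+19,
  author    = {Hu, Long and Qian, Yongfeng and Chen, Jing and Shi, Xiaobo and Zhang, Jing and Mao, Shiwen},
  title     = {Photo Crowdsourcing Based Privacy-Protected Healthcare},
  journal   = {IEEE Transactions on Sustainable Computing},
  volume    = {4},
  number    = {2},
  pages     = {168--177},
  year      = {2019},
  date      = {2019-01-01},
  doi       = {10.1109/TSUSC.2017.2705181},
  url       = {https://datasec.whu.edu.cn/wp-content/uploads/2019/06/HQC19-Photo-Crowdsourcing-Based-Privacy-Protected-Healthcare.pdf},
  abstract  = {In this paper, the concept of crowdsourcing is applied to the medical field and a health monitoring mechanism based on photo crowdsourcing is proposed. Specifically, with photo crowdsourcing by many participators, the routine circumstances of users may be represented. However, these photos may include other people than the user, such as the visibility requestor, the invisibility requestor, and the passerby. The visibility and invisibility requestor are the participators in the system, whose identity can be set as visible or invisible, while the passerbys do not participate in the system. Hence, a privacy protection mechanism is proposed for this system, which includes two categories: i) The image fuzzy processing is provided for the invisibility requestor, while the original image is reserved for the visibility requestor. ii) The passerby's image is directly fuzzy processed for privacy protection.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {article},
}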
Wu, Cong; He, Kun; Chen, Jing; Du, Ruiying
ICAuth: Implicit and Continuous Authentication When the Screen Is Awake Proceedings Article
In: ICC 2019 - 2019 IEEE International Conference on Communications (ICC), pp. 1–6, 2019.
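@inproceedings{WHCD19,
  author    = {Wu, Cong and He, Kun and Chen, Jing and Du, Ruiying},
  title     = {{ICAuth}: Implicit and Continuous Authentication When the Screen Is Awake},
  booktitle = {ICC 2019 - 2019 IEEE International Conference on Communications (ICC)},
  pages     = {1--6},
  year      = {2019},
  date      = {2019-01-01},
  doi       = {10.1109/ICC.2019.8761435},
  url       = {https://datasec.whu.edu.cn/wp-content/uploads/2019/07/WHCD19-ICAuth_-Implicit-and-Continuous-Authentication-When-the-Screen-Is-Awake.pdf},
  abstract  = {Implicit authentication has become increasingly popular over recent years due to the fact that it relieves users from explicit actions such as remembering and entering passwords. This paper puts forward ICAuth, a general and simple implicit authentication method for mobile devices, to authenticate the current user implicitly and continuously when the screen is awake. Distinct from existing implicit user authentication methods which only focus on behavioral characteristics and ignore contextual information, ICAuth is devised to understand different behaviors in various contexts. We investigate the correlations between the behavioral characteristics and contextual information via sensors on mobile devices and observe that user's behavioral characteristics are strongly related to the context. These sensors are divided into two kinds, including fine-grained sensors and coarse-grained sensors, where fine-grained sensor data represent behavioral features and the coarse-grained depict contextual information. ICAuth provides continuous authentication without the involvement of users. It promotes security via authenticating the current user continuously and improves the usability via eliminating the limitation of specific behaviors. We evaluate ICAuth comprehensively with a large dataset including 340842 samples collected from 142 subjects. Our approach achieves an accuracy of 96.85%, FNR of 2.95%, and FPR of 4.01%. Security analysis is also conducted to demonstrate that ICAuth is resilient against common smartphone authentication threats. Finally, we show the low power consumption and authentication latency with 2.2 seconds of ICAuth.},
  keywords  = {},
  pubstate  = {published},
  tppubtype = {inproceedings},
}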
Qian, Yongfeng; Hu, Long; Chen, Jing; Guan, Xin; Hassan, Mohammad Mehedi; Alelaiwi, Abdulhameed
Privacy-aware Service Placement for Mobile Edge Computing Via Federated Learning Journal Article
In: Information Sciences, vol. 505, pp. 562–570, 2019.
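@article{QHC+19,
  title      = {Privacy-aware Service Placement for Mobile Edge Computing Via Federated Learning},
  author     = {Qian, Yongfeng and Hu, Long and Chen, Jing and Guan, Xin and Hassan, Mohammad Mehedi and Alelaiwi, Abdulhameed},
  journal    = {Information Sciences},
  volume     = {505},
  pages      = {562--570},
  year       = {2019},
  date       = {2019-01-01},
  doi        = {10.1016/j.ins.2019.07.069},
  url        = {https://datasec.whu.edu.cn/wp-content/uploads/2019/11/QHC19-Privacy-Aware-Service-Placement-for-Mobile-Edge-Computing-Via-Federated-Learning.pdf},
  abstract   = {Mobile edge clouds can offer delay-sensitive services to users by deploying storage and computing resources at the network edge. Considering resource-limited edge server, it is impossible to deploy all services on the edge clouds. Thus, many existing works have addressed the problem of arranging services on mobile edge clouds for better quality of services (QoS) to users. In terms of existing service placement strategies, the historical data of requesting services by users are collected to analyze. However, those historical data belong to users' sensitive information, without appropriate privacy preserving measures may hinder the implementation of traditional service arrangement strategies. Service placement with considering users' privacy and limited resources of mobile edge clouds, is an extremely urgent problem to be solved. In this paper, we propose a privacy-aware service placement (PSP) scheme to address the problem of service placement with privacy-awareness in the edge cloud system. The purpose of PSP mechanism is to protect users' privacy and provide better QoS to users when obtaining services from mobile edge clouds. Specifically, whether service placement on mobile edge clouds or not is modeled as a 0\textendash1 problem. Then, a hybrid service placement algorithm is proposed that combines a centralized greedy algorithm and distributed federated learning. Compared with other optimization schemes, the simulation experiments show that PSP algorithm could not only protect users' privacy but also meet users' service demands through mobile edge clouds.},
  keywords   = {},
  pubstate   = {published},
  tppubtype  = {article}
}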
2018
Chen, Jing; He, Kun; Yuan, Quan; Chen, Min; Du, Ruiying; Xiang, Yang
Blind Filtering at Third Parties: An Efficient Privacy-Preserving Framework for Location-Based Services Journal Article
In: IEEE Transactions on Mobile Computing, vol. 17, no. 11, pp. 2524–2535, 2018.
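@article{CHY+18,
  title         = {Blind Filtering at Third Parties: An Efficient Privacy-Preserving Framework for Location-Based Services},
  author        = {Chen, Jing and He, Kun and Yuan, Quan and Chen, Min and Du, Ruiying and Xiang, Yang},
  journal       = {{IEEE} Transactions on Mobile Computing},
  volume        = {17},
  number        = {11},
  pages         = {2524--2535},
  year          = {2018},
  date          = {2018-01-01},
  doi           = {10.1109/TMC.2018.2811481},
  url           = {http://csp.whu.edu.cn/wp-content/uploads/2019/05/CHY18-Blind-Filtering-at-Third-Parties-an-Efficient-Privacy-Preserving-Framework-for-Location-Based-Services.pdf},
  internal-note = {url is plain http; treat the doi as the canonical locator},
  abstract      = {Location-based service (LBS) has gained increasing popularity recently, but protecting users' privacy in LBS remains challenging. Depending on whether a trusted third party (TTP) is used, existing solutions can be classified into: TTP-based and TTP-free. The former relies on a TTP for user privacy protection, which creates a single-point-failure and is thus impractical in reality. The latter does not require any TTP, but usually introduces redundant point-of-interest (POI) records in query result and thus incurs significant computation and communication costs on the user side, making them unsuitable for resource-constrained mobile devices. In this paper, we propose a novel framework to protect user privacy while ensuring efficiency. Our framework also uses redundant POI records to protect privacy against LBS provider but employs a semi-trusted third party, called proxy, to filter out redundant POI records. To protect privacy against proxy, we design a novel filtering protocol, Blind filter, to allow the proxy to filter out redundant encrypted POI records in a blind way. In comparison with existing solutions, our framework is not only resilient to dual identity attack, but also incurs lower communication and computation overhead. Comprehensive analysis and experiments show that our framework is secure and highly efficient in mobile environments.},
  keywords      = {},
  pubstate      = {published},
  tppubtype     = {article}
}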
Chen, Jing; Wang, Chiheng; Zhao, Ziming; Chen, Kai; Du, Ruiying; Ahn, Gail-Joon
Uncovering the Face of Android Ransomware: Characterization and Real-Time Detection Journal Article
In: IEEE Transactions on Information Forensics and Security, vol. 13, no. 5, pp. 1286–1300, 2018.
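@article{CWZ+18,
  title         = {Uncovering the Face of {Android} Ransomware: Characterization and Real-Time Detection},
  author        = {Chen, Jing and Wang, Chiheng and Zhao, Ziming and Chen, Kai and Du, Ruiying and Ahn, Gail-Joon},
  journal       = {{IEEE} Transactions on Information Forensics and Security},
  volume        = {13},
  number        = {5},
  pages         = {1286--1300},
  year          = {2018},
  date          = {2018-01-01},
  doi           = {10.1109/TIFS.2017.2787905},
  url           = {http://csp.whu.edu.cn/wp-content/uploads/2019/05/CWZ18-Uncovering-the-Face-of-Android-Ransomware-Characterization-and-Real-Time-Detection.pdf},
  internal-note = {url is plain http; treat the doi as the canonical locator},
  abstract      = {In recent years, we witnessed a drastic increase of ransomware, especially on popular mobile platforms including Android. Ransomware extorts victims for a sum of money by taking control of their devices or files. In light of their rapid growth, there is a pressing need to develop effective countermeasure solutions. However, the research community is still constrained by the lack of a comprehensive data set, and there exists no insightful understanding of mobile ransomware in the wild. In this paper, we focus on the Android platform and aim to characterize existing Android ransomware. Specifically, we have managed to collect 2,721 ransomware samples that cover the majority of existing Android ransomware families. Based on these samples, we systematically characterize them from several aspects, including timeline and malicious features. In addition, the detection results of existing anti-virus tools are rather disappointing, which clearly calls for customized anti-mobile-ransomware solutions. To detect ransomware that extorts users by encrypting data, we propose a novel real-time detection system, called RansomProber. By analyzing the user interface widgets of related activities and the coordinates of users' finger movements, RansomProber can infer whether the file encryption operations are initiated by users. The experimental results show that RansomProber can effectively detect encrypting ransomware with high accuracy and acceptable runtime performance.},
  keywords      = {},
  pubstate      = {published},
  tppubtype     = {article}
}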