Optimal Packet Camouflage Against Traffic Analysis

Research has proved that supposedly secure encrypted network traffic is actually threatened by privacy and security violations from many aspects. This is mainly due to flow features leaking evidence about user activity and data content. Currently, adversaries can use statistical traffic analysis to create classifiers for network applications and infer users’ sensitive data. In this article, we propose a system that optimally prevents traffic feature leaks. In our first algorithm, we model the packet length probability distribution of the source app to be protected and that of the target app that the source app will resemble. We define a model that mutates the packet lengths of a source app to those lengths from the target app having similar bin probability. This would confuse a classifier by identifying a mutated source app as the target app. In our second obfuscation algorithm, we present an optimized scheme resulting in a trade-off between privacy and complexity overhead. For this reason, we propose a mathematical model for network obfuscation. We formulate analytically the problem of selecting the target app and the length from the target app to mutate to. Then, we propose an algorithm to solve it dynamically. Extensive evaluation of the proposed models, on real app traffic traces, shows significant obfuscation efficiency with relatively acceptable overhead. We were able to reduce a classification accuracy from 91.1% to 0.22% using the first algorithm, with 11.86% padding overhead. The same classification accuracy was reduced to 1.76% with only 0.73% overhead using the second algorithm.

Download Full-text

Privacy-Preserving Deep Neural Network Methods: Computational and Perceptual Methods—An Overview

Electronics ◽

10.3390/electronics10111367 ◽

2021 ◽

Vol 10 (11) ◽

pp. 1367

Author(s):

Raghida El El Saj ◽

Ehsan Sedgh Sedgh Gooya ◽

Ayman Alfalou ◽

Mohamad Khalil

Keyword(s):

Neural Networks ◽

Classification Accuracy ◽

Deep Neural Networks ◽

Privacy Preserving ◽

Sensitive Data ◽

Encrypted Data ◽

High Classification Accuracy ◽

Hide Information ◽

Network Methods ◽

Cloud Environments

Privacy-preserving deep neural networks have become essential and have attracted the attention of many researchers due to the need to maintain the privacy and the confidentiality of personal and sensitive data. The importance of privacy-preserving networks has increased with the widespread use of neural networks as a service in unsecured cloud environments. Different methods have been proposed and developed to solve the privacy-preserving problem using deep neural networks on encrypted data. In this article, we reviewed some of the most relevant and well-known computational and perceptual image encryption methods. These methods as well as their results have been presented, compared, and the conditions of their use, the durability and robustness of some of them against attacks, have been discussed. Some of the mentioned methods have demonstrated an ability to hide information and make it difficult for adversaries to retrieve it while maintaining high classification accuracy. Based on the obtained results, it was suggested to develop and use some of the cited privacy-preserving methods in applications other than classification.

Download Full-text

Privacy and Security Issues in Online Social Networks

Future Internet ◽

10.3390/fi10120114 ◽

2018 ◽

Vol 10 (12) ◽

pp. 114 ◽

Cited By ~ 14

Author(s):

Shaukat Ali ◽

Naveed Islam ◽

Azhar Rauf ◽

Ikram Din ◽

Mohsen Guizani ◽

...

Keyword(s):

Social Networks ◽

Online Social Networks ◽

Virtual Communities ◽

Service Providers ◽

Security And Privacy ◽

Security Issue ◽

Sensitive Data ◽

Privacy And Security ◽

Security Issues ◽

Social Sphere

The advent of online social networks (OSN) has transformed a common passive reader into a content contributor. It has allowed users to share information and exchange opinions, and also express themselves in online virtual communities to interact with other users of similar interests. However, OSN have turned the social sphere of users into the commercial sphere. This should create a privacy and security issue for OSN users. OSN service providers collect the private and sensitive data of their customers that can be misused by data collectors, third parties, or by unauthorized users. In this paper, common security and privacy issues are explained along with recommendations to OSN users to protect themselves from these issues whenever they use social media.

Download Full-text

Confidential Health Care Data Exchange Between Multiple Entities in Cloud using Block Chain

International Journal of Innovative Technology and Exploring Engineering - Special Issue ◽

10.35940/ijitee.b7171.129219 ◽

2019 ◽

Vol 9 (2) ◽

pp. 2566-2573

Keyword(s):

Health Care ◽

Data Exchange ◽

Health Care Organizations ◽

Main Concept ◽

Sensitive Data ◽

Privacy And Security ◽

Health Care Data ◽

Private Data ◽

Peer Network ◽

Block Chain

Data in the cloud is leading to the more interest for cyber attackers. These days’ attackers are concentrating more on Health care data. Through data mining performed on health care data Industries are making Business out of it. These changes are affecting the treatment process for many people so careful data processing is required. Breaking these data security leads to many consequences for health care organizations. After braking security computation of private data can be performed. By data storing and running of computation on a sensitive data can be possible by decentralization through peer to peer network. Instead of using the centralized architecture by decentralization the attacks can be reduced. Different security algorithms have been considered. For decentralization we are using block chain technology. Privacy, security and integrity can be achieved by this block chain technology. Many solutions have been discussed to assure the privacy and security for Health care organizations somehow failed to address this problem. Many cryptographic functions can be used for attaining privacy of data. Pseudonymity is the main concept we can use to preserve the health care means preserving data by disclosing true identity legally.

Download Full-text

A Cloud Database based on AES 256 GCM Encryption Through Devolving Web application of Accounting Information System

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.e5269.019521 ◽

2021 ◽

Vol 9 (5) ◽

pp. 216-221

Author(s):

Alameen Abdalrahman

Keyword(s):

Information System ◽

Web Application ◽

Accounting Information ◽

Cloud Service ◽

Cloud Environment ◽

Sensitive Data ◽

Privacy And Security ◽

Accounting Information System ◽

Accounting Data ◽

Encryption And Decryption

The main objective of this research is to use AES 256 GCM encryption and decryption of a web application system database called Accounting Information System (AIS) for achieving more privacy and security in a cloud environment. A cloud environment provides many services such as software, platform, and infrastructure. AIS can use the cloud to store data to achieve accounting with more performance, efficiency, convenience, and cost reduction. On the other hand, cloud environment is not secure because data is kept away from the organization. This paper focuses on how we deal with secure sensitive data such as accounting data AIS web application at web level encryption by using AES 256 GCM encryption to store data as encrypted data at cloud in a secure manner? Accounting Information System (AIS) has very sensitive data and its need to be more secure and safe specially in cloud because it’s not saved at local servers but at another cloud service provider. The storage of encryption and decryption keys are stored in locations and devices different from those in which the database is stored in the cloud for ensuring more safety.

Download Full-text

The Impact of Operating System on Bandwidth in Open VPN Technology

Baghdad Science Journal ◽

10.21123/bsj.13.1.204-211 ◽

2016 ◽

Vol 13 (1) ◽

pp. 204-211

Author(s):

Baghdad Science Journal

Keyword(s):

Operating System ◽

Operating Systems ◽

Data Privacy ◽

The Internet ◽

Sensitive Data ◽

Privacy And Security ◽

Basic Source ◽

Basic Functions ◽

And Performance ◽

The Impact

The internet is a basic source of information for many specialities and uses. Such information includes sensitive data whose retrieval has been one of the basic functions of the internet. In order to protect the information from falling into the hands of an intruder, a VPN has been established. Through VPN, data privacy and security can be provided. Two main technologies of VPN are to be discussed; IPSec and Open VPN. The complexity of IPSec makes the OpenVPN the best due to the latter’s portability and flexibility to use in many operating systems. In the LAN, VPN can be implemented through Open VPN to establish a double privacy layer(privacy inside privacy). The specific subnet will be used in this paper. The key and certificate will be generated by the server. An authentication and key exchange will be based on standard protocol SSL/TLS. Various operating systems from open source and windows will be used. Each operating system uses a different hardware specification. Tools such as tcpdump and jperf will be used to verify and measure the connectivity and performance. OpenVPN in the LAN is based on the type of operating system, portability and straightforward implementation. The bandwidth which is captured in this experiment is influenced by the operating system rather than the memory and capacity of the hard disk. Relationship and interoperability between each peer and server will be discussed. At the same time privacy for the user in the LAN can be introduced with a minimum specification.

Download Full-text

Compliance and Regulatory Standards for Cloud Computing

Interdisciplinary Perspectives on Business Convergence, Computing, and Legality - Advances in E-Business Research ◽

10.4018/978-1-4666-4209-6.ch006 ◽

2013 ◽

pp. 54-64 ◽

Cited By ~ 3

Author(s):

Jitendra Singh ◽

Vikas Kumar

Keyword(s):

Cloud Computing ◽

Accounting Standards ◽

Third Party ◽

Sensitive Data ◽

Privacy And Security ◽

Regulatory Standards ◽

Security Standards ◽

Cloud Users

Cloud computing is expanding in reach, with its utility-based features and enhanced agility. Still, there is a big concern about the privacy and security of the data. Because of these concerns, third-party cloud users are employing the cloud only for less sensitive data, and the advantage of cloud computing is not fully harnessed. In order to ensure the privacy and security of data, proper compliance and regulatory standards become very important for the cloud domain. Although a number of such standards exist for the traditional computing, they must be modified for their wider adoption to the cloud platforms. This chapter considers the worldwide available standards in the technical and non-technical categories for wider coverage of the cloud platforms. In the technical category, security standards presently followed by cloud computing have been discussed, while in the non-technical category, privacy and accounting standards like HIPPA, SAS 70, GAPP, etc. have been considered.

Download Full-text

Investigation of the trade-off between time window length, classifier update rate and classification accuracy for restorative brain-computer interfaces

2013 35th Annual International Conference of the IEEE Engineering in Medicine and Biology Society (EMBC) ◽

10.1109/embc.2013.6609813 ◽

2013 ◽

Cited By ~ 4

Author(s):

Sam Darvishi ◽

Michael C. Ridding ◽

Derek Abbott ◽

Mathias Baumert

Keyword(s):

Classification Accuracy ◽

Time Window ◽

Window Length ◽

Brain Computer Interfaces ◽

Trade Off ◽

Computer Interfaces ◽

Update Rate

Download Full-text

On the Trade-Off between Multi-level Security Classification Accuracy and Training Time

2015 3rd International Conference on Artificial Intelligence, Modelling and Simulation (AIMS) ◽

10.1109/aims.2015.62 ◽

2015 ◽

Author(s):

Paal Engelstad

Keyword(s):

Classification Accuracy ◽

Trade Off ◽

Training Time ◽

Multi Level ◽

And Training

Download Full-text

Performance-energy trade-off exploration in dynamic data types for network applications

Proceedings of the Fifth IEEE International Symposium on Signal Processing and Information Technology, 2005. ◽

10.1109/isspit.2005.1577075 ◽

2006 ◽

Author(s):

A. Bartzas ◽

G. Pouiklis ◽

S. Mamagkakis ◽

F. Catthoor ◽

D. Soudris ◽

...

Keyword(s):

Data Types ◽

Dynamic Data ◽

Trade Off ◽

Network Applications ◽

Energy Trade

Download Full-text

Security and Privacy of Online Social Network Applications

Social Network Engineering for Secure Web Data and Services ◽

10.4018/978-1-4666-3926-3.ch010 ◽

2013 ◽

pp. 206-221

Author(s):

Willem De Groef ◽

Dominique Devriese ◽

Tom Reynaert ◽

Frank Piessens

Keyword(s):

Social Network ◽

Social Networking Sites ◽

Online Social Network ◽

Third Party ◽

Security And Privacy ◽

Security Risks ◽

Privacy And Security ◽

Network Applications ◽

Recent Innovation ◽

Social Applications

An important recent innovation on social networking sites is the support for plugging in third-party social applications. Together with the ever-growing number of social network users, social applications come with privacy and security risks for those users. While basic mechanisms for isolating applications are well understood, these mechanisms fall short for social-enabled applications. It is an interesting challenge to design and develop application platforms for social networks that enable the necessary functionality of social applications without compromising both users’ security and privacy. This chapter will identify and discuss the current security and privacy problems related to social applications and their platforms. Next, it will zoom in on proposals on how to address those problems.

Download Full-text