Security Analysis and Bypass User Authentication Bound to Device of Windows Hello in the WildRead the full article
Security and Communication Networks provides a prestigious forum for the R&D community in academia and industry working at the interdisciplinary nexus of next generation communications technologies for security implementations in all network layers.
Chief Editor, Dr Di Pietro, is a full professor of cybersecurity at the HBKU College of Science and Engineering, Qatar. His research interests include distributed systems security, cloud security, and wireless security.
Latest ArticlesMore articles
Gradient Descent Optimization in Deep Learning Model Training Based on Multistage and Method Combination Strategy
Gradient descent is the core and foundation of neural networks, and gradient descent optimization heuristics have greatly accelerated progress in deep learning. Although these methods are simple and effective, how they work remains unknown. Gradient descent optimization in deep learning has become a hot research topic. Some research efforts have tried to combine multiple methods to assist network training, but these methods seem to be more empirical, without theoretical guides. In this paper, a framework is proposed to illustrate the principle of combining different gradient descent optimization methods by analyzing several adaptive methods and other learning rate methods. Furthermore, inspired by the principle of warmup, CLR, and SGDR, the concept of multistage is introduced into the field of gradient descent optimization, and a gradient descent optimization strategy in deep learning model training based on multistage and method combination strategy is presented. The effectiveness of the proposed strategy is verified on the massive deep learning network training experiments.
Improved Outsourced Provable Data Possession for Secure Cloud Storage
With the advent of data outsourcing, how to efficiently verify the integrity of data stored at an untrusted cloud service provider (CSP) has become a significant problem in cloud storage. In 2019, Guo et al. proposed an outsourced dynamic provable data possession scheme with batch update for secure cloud storage. Although their scheme is very novel, we find that their proposal is not secure in this paper. The malicious cloud server has ability to forge the authentication labels, and thus it can forge or delete the user’s data but still provide a correct data possession proof. Based on the original protocol, we proposed an improved one for the auditing scheme, and our new protocol is effective yet resistant to attacks.
A Lightweight and Secure Anonymous User Authentication Protocol for Wireless Body Area Networks
The recent development of wireless body area network (WBAN) technology plays a significant role in the modern healthcare system for patient health monitoring. However, owing to the open nature of the wireless channel and the sensitivity of the transmitted messages, the data security and privacy threats in WBAN have been widely discussed and must be solved. In recent years, many authentication protocols had been proposed to provide security and privacy protection in WBANs. However, many of these schemes are not computationally efficient in the authentication process. Inspired by these studies, a lightweight and secure anonymous authentication protocol is presented to provide data security and privacy for WBANs. The proposed scheme adopts a random value and hash function to provide user anonymity. Besides, the proposed protocol can provide user authentication without a trusted third party, which makes the proposed scheme have no computational bottleneck in terms of architecture. Finally, the security and performance analyses demonstrate that the proposed scheme can meet security requirements with low computational and communication costs.
An Efficient Compartmented Secret Sharing Scheme Based on Linear Homogeneous Recurrence Relations
Multipartite secret sharing schemes are those that have multipartite access structures. The set of the participants in those schemes is divided into several parts, and all the participants in the same part play the equivalent role. One type of such access structure is the compartmented access structure, and the other is the hierarchical access structure. We propose an efficient compartmented multisecret sharing scheme based on the linear homogeneous recurrence (LHR) relations. In the construction phase, the shared secrets are hidden in some terms of the linear homogeneous recurrence sequence. In the recovery phase, the shared secrets are obtained by solving those terms in which the shared secrets are hidden. When the global threshold is , our scheme can reduce the computational complexity of the compartmented secret sharing schemes from the exponential time to polynomial time. The security of the proposed scheme is based on Shamir’s threshold scheme, i.e., our scheme is perfect and ideal. Moreover, it is efficient to share the multisecret and to change the shared secrets in the proposed scheme.
Robust Image Hashing Based on Cool and Warm Hue and Space Angle
Image hashing has attracted more and more attention in the field of information security. In this paper, a novel hashing algorithm using cool and warm hue information and three-dimensional space angle is proposed. Firstly, the original image is preprocessed to get the opposite color component and the hue component H in HSV color space. Then, the distribution of cool and warm hue pixels is extracted from hue component H. Blocks the hue component H, according to the proportion of warm hue and cool hue pixels in each small block, combined with the quaternion and opposite color component, constructed the cool and warm hue opposite color quaternion (CWOCQ) feature. Then, three-dimensional space, opposite color, and cool and warm hue are combined to obtain the three-dimensional space angle (TDSA) feature. The CWOCQ feature and the TDSA feature are connected and disturbed to obtain the final hash sequence. Experimental results show that the proposed algorithm has good security and has better image classification performance and shorter computation time compared with some advanced algorithms.
DIIA: Blockchain-Based Decentralized Infrastructure for Internet Accountability
The Internet lacking accountability suffers from IP address spoofing, prefix hijacking, and DDoS attacks. Global PKI-based accountable network involves harmful centralized authority abuse and complex certificate management. The inherently accountable network with self-certifying addresses is incompatible with the current Internet and faces the difficulty of revoking and updating keys. This study presents DIIA, a blockchain-based decentralized infrastructure to provide accountability for the current Internet. Specifically, DIIA designs a public-permissioned blockchain called TIPchain to act as a decentralized trust anchor, allowing cryptographic authentication of IP addresses without any global trusted authority. DIIA also proposes the revocable trustworthy IP address bound to the cryptographic key, which supports automatic key renewal and efficient key revocation and eliminates complexity certificate management. We present several security mechanisms based on DIIA to show how DIIA can help to enhance network layer security. We also implement a prototype system and experiment with real-world data. The results demonstrate the feasibility and suitability of our work in practice.