Search results for: secure web sockets
738 Providing Reliability, Availability and Scalability Support for Quick Assist Technology Cryptography on the Cloud
Authors: Songwu Shen, Garrett Drysdale, Veerendranath Mannepalli, Qihua Dai, Yuan Wang, Yuli Chen, David Qian, Utkarsh Kakaiya
Abstract:
Hardware accelerator has been a promising solution to reduce the cost of cloud data centers. This paper investigates the QoS enhancement of the acceleration of an important datacenter workload: the webserver (or proxy) that faces high computational consumption originated from secure sockets layer (SSL) or transport layer security (TLS) procession in the cloud environment. Our study reveals that for the accelerator maintenance cases—need to upgrade driver/firmware or hardware reset due to hardware hang; we still can provide cryptography services by switching to software during maintenance phase and then switching back to accelerator after maintenance. The switching is seamless to server application such as Nginx that runs inside a VM on top of the server. To achieve this high availability goal, we propose a comprehensive fallback solution based on Intel® QuickAssist Technology (QAT). This approach introduces an architecture that involves the collaboration between physical function (PF) and virtual function (VF), and collaboration among VF, OpenSSL, and web application Nginx. The evaluation shows that our solution could provide high reliability, availability, and scalability (RAS) of hardware cryptography service in a 7x24x365 manner in the cloud environment.Keywords: accelerator, cryptography service, RAS, secure sockets layer/transport layer security, SSL/TLS, virtualization fallback architecture
Procedia PDF Downloads 159737 Method Comprising One to One Web Based Real Time Communications
Authors: Lata Kiran Dey, Rajendra Kumar, Biren Karmakar
Abstract:
Web Real Time Communications is a collection of standards, protocols, which provides real-time communications capabilities between web browsers and devices. This paper outlines the design and further implementation of web real-time communications on secure web applications having audio and video call capabilities. This proposed application may put up a system that will be able to work over both desktops as well as the mobile browser. Though, WebRTC also gives a set of JavaScript standard RTC APIs, which primarily works over the real-time communication framework. This helps to build a suitable communication application, which enables the audio, video, and message transfer in between the today’s modern browsers having WebRTC support.Keywords: WebRTC, SIP, RTC, JavaScript, SRTP, secure web sockets, browser
Procedia PDF Downloads 151736 Improving Security by Using Secure Servers Communicating via Internet with Standalone Secure Software
Authors: Carlos Gonzalez
Abstract:
This paper describes the use of the Internet as a feature to enhance the security of our software that is going to be distributed/sold to users potentially all over the world. By placing in a secure server some of the features of the secure software, we increase the security of such software. The communication between the protected software and the secure server is done by a double lock algorithm. This paper also includes an analysis of intruders and describes possible responses to detect threats.Keywords: internet, secure software, threats, cryptography process
Procedia PDF Downloads 334735 Four Phase Methodology for Developing Secure Software
Authors: Carlos Gonzalez-Flores, Ernesto Liñan-García
Abstract:
A simple and robust approach for developing secure software. A Four Phase methodology consists in developing the non-secure software in phase one, and for the next three phases, one phase for each of the secure developing types (i.e. self-protected software, secure code transformation, and the secure shield). Our methodology requires first the determination and understanding of the type of security level needed for the software. The methodology proposes the use of several teams to accomplish this task. One Software Engineering Developing Team, a Compiler Team, a Specification and Requirements Testing Team, and for each of the secure software developing types: three teams of Secure Software Developing, three teams of Code Breakers, and three teams of Intrusion Analysis. These teams will interact among each other and make decisions to provide a secure software code protected against a required level of intruder.Keywords: secure software, four phases methodology, software engineering, code breakers, intrusion analysis
Procedia PDF Downloads 400734 Secure Multiparty Computations for Privacy Preserving Classifiers
Authors: M. Sumana, K. S. Hareesha
Abstract:
Secure computations are essential while performing privacy preserving data mining. Distributed privacy preserving data mining involve two to more sites that cannot pool in their data to a third party due to the violation of law regarding the individual. Hence in order to model the private data without compromising privacy and information loss, secure multiparty computations are used. Secure computations of product, mean, variance, dot product, sigmoid function using the additive and multiplicative homomorphic property is discussed. The computations are performed on vertically partitioned data with a single site holding the class value.Keywords: homomorphic property, secure product, secure mean and variance, secure dot product, vertically partitioned data
Procedia PDF Downloads 412733 Chaotic Control, Masking and Secure Communication Approach of Supply Chain Attractor
Authors: Unal Atakan Kahraman, Yilmaz Uyaroğlu
Abstract:
The chaotic signals generated by chaotic systems have some properties such as randomness, complexity and sensitive dependence on initial conditions, which make them particularly suitable for secure communications. Since the 1990s, the problem of secure communication, based on chaos synchronization, has been thoroughly investigated and many methods, for instance, robust and adaptive control approaches, have been proposed to realize the chaos synchronization. In this paper, an improved secure communication model is proposed based on control of supply chain management system. Control and masking communication simulation results are used to visualize the effectiveness of chaotic supply chain system also performed on the application of secure communication to the chaotic system. So, we discover the secure phenomenon of chaos-amplification in supply chain systemKeywords: chaotic analyze, control, secure communication, supply chain attractor
Procedia PDF Downloads 517732 Secure Image Retrieval Based on Orthogonal Decomposition under Cloud Environment
Authors: Y. Xu, L. Xiong, Z. Xu
Abstract:
In order to protect data privacy, image with sensitive or private information needs to be encrypted before being outsourced to the cloud. However, this causes difficulties in image retrieval and data management. A secure image retrieval method based on orthogonal decomposition is proposed in the paper. The image is divided into two different components, for which encryption and feature extraction are executed separately. As a result, cloud server can extract features from an encrypted image directly and compare them with the features of the queried images, so that the user can thus obtain the image. Different from other methods, the proposed method has no special requirements to encryption algorithms. Experimental results prove that the proposed method can achieve better security and better retrieval precision.Keywords: secure image retrieval, secure search, orthogonal decomposition, secure cloud computing
Procedia PDF Downloads 487731 A Secure Proxy Signature Scheme with Fault Tolerance Based on RSA System
Authors: H. El-Kamchouchi, Heba Gaber, Fatma Ahmed, Dalia H. El-Kamchouchi
Abstract:
Due to the rapid growth in modern communication systems, fault tolerance and data security are two important issues in a secure transaction. During the transmission of data between the sender and receiver, errors may occur frequently. Therefore, the sender must re-transmit the data to the receiver in order to correct these errors, which makes the system very feeble. To improve the scalability of the scheme, we present a secure proxy signature scheme with fault tolerance over an efficient and secure authenticated key agreement protocol based on RSA system. Authenticated key agreement protocols have an important role in building a secure communications network between the two parties.Keywords: proxy signature, fault tolerance, rsa, key agreement protocol
Procedia PDF Downloads 287730 Performance Analysis of Scalable Secure Multicasting in Social Networking
Authors: R. Venkatesan, A. Sabari
Abstract:
Developments of social networking internet scenario are recommended for the requirements of scalable, authentic, secure group communication model like multicasting. Multicasting is an inter network service that offers efficient delivery of data from a source to multiple destinations. Even though multicast has been very successful at providing an efficient and best-effort data delivery service for huge groups, it verified complex process to expand other features to multicast in a scalable way. Separately, the requirement for secure electronic information had become gradually more apparent. Since multicast applications are deployed for mainstream purpose the need to secure multicast communications will become significant.Keywords: multicasting, scalability, security, social network
Procedia PDF Downloads 292729 Proposal of Optimality Evaluation for Quantum Secure Communication Protocols by Taking the Average of the Main Protocol Parameters: Efficiency, Security and Practicality
Authors: Georgi Bebrov, Rozalina Dimova
Abstract:
In the field of quantum secure communication, there is no evaluation that characterizes quantum secure communication (QSC) protocols in a complete, general manner. The current paper addresses the problem concerning the lack of such an evaluation for QSC protocols by introducing an optimality evaluation, which is expressed as the average over the three main parameters of QSC protocols: efficiency, security, and practicality. For the efficiency evaluation, the common expression of this parameter is used, which incorporates all the classical and quantum resources (bits and qubits) utilized for transferring a certain amount of information (bits) in a secure manner. By using criteria approach whether or not certain criteria are met, an expression for the practicality evaluation is presented, which accounts for the complexity of the QSC practical realization. Based on the error rates that the common quantum attacks (Measurement and resend, Intercept and resend, probe attack, and entanglement swapping attack) induce, the security evaluation for a QSC protocol is proposed as the minimum function taken over the error rates of the mentioned quantum attacks. For the sake of clarity, an example is presented in order to show how the optimality is calculated.Keywords: quantum cryptography, quantum secure communcation, quantum secure direct communcation security, quantum secure direct communcation efficiency, quantum secure direct communcation practicality
Procedia PDF Downloads 185728 Secure Cryptographic Operations on SIM Card for Mobile Financial Services
Authors: Kerem Ok, Serafettin Senturk, Serdar Aktas, Cem Cevikbas
Abstract:
Mobile technology is very popular nowadays and it provides a digital world where users can experience many value-added services. Service Providers are also eager to offer diverse value-added services to users such as digital identity, mobile financial services and so on. In this context, the security of data storage in smartphones and the security of communication between the smartphone and service provider are critical for the success of these services. In order to provide the required security functions, the SIM card is one acceptable alternative. Since SIM cards include a Secure Element, they are able to store sensitive data, create cryptographically secure keys, encrypt and decrypt data. In this paper, we design and implement a SIM and a smartphone framework that uses a SIM card for secure key generation, key storage, data encryption, data decryption and digital signing for mobile financial services. Our frameworks show that the SIM card can be used as a controlled Secure Element to provide required security functions for popular e-services such as mobile financial services.Keywords: SIM card, mobile financial services, cryptography, secure data storage
Procedia PDF Downloads 312727 A Review on Factors Influencing Implementation of Secure Software Development Practices
Authors: Sri Lakshmi Kanniah, Mohd Naz’ri Mahrin
Abstract:
More and more businesses and services are depending on software to run their daily operations and business services. At the same time, cyber-attacks are becoming more covert and sophisticated, posing threats to software. Vulnerabilities exist in the software due to the lack of security practices during the phases of software development. Implementation of secure software development practices can improve the resistance to attacks. Many methods, models and standards for secure software development have been developed. However, despite the efforts, they still come up against difficulties in their deployment and the processes are not institutionalized. There is a set of factors that influence the successful deployment of secure software development processes. In this study, the methodology and results from a systematic literature review of factors influencing the implementation of secure software development practices is described. A total of 44 primary studies were analysed as a result of the systematic review. As a result of the study, a list of twenty factors has been identified. Some of factors that affect implementation of secure software development practices are: Involvement of the security expert, integration between security and development team, developer’s skill and expertise, development time and communication between stakeholders. The factors were further classified into four categories which are institutional context, people and action, project content and system development process. The results obtained show that it is important to take into account organizational, technical and people issues in order to implement secure software development initiatives.Keywords: secure software development, software development, software security, systematic literature review
Procedia PDF Downloads 381726 An Efficient Proxy Signature Scheme Over a Secure Communications Network
Authors: H. El-Kamchouchi, Heba Gaber, Fatma Ahmed, Dalia H. El-Kamchouchi
Abstract:
Proxy signature scheme permits an original signer to delegate his/her signing capability to a proxy signer, and then the proxy signer generates a signing message on behalf of the original signer. The two parties must be able to authenticate one another and agree on a secret encryption key, in order to communicate securely over an unreliable public network. Authenticated key agreement protocols have an important role in building secure communications network between the two parties. In this paper, we present a secure proxy signature scheme over an efficient and secure authenticated key agreement protocol based on the discrete logarithm problem.Keywords: proxy signature, warrant partial delegation, key agreement, discrete logarithm
Procedia PDF Downloads 348725 A Software Engineering Methodology for Developing Secure Obfuscated Software
Authors: Carlos Gonzalez, Ernesto Linan
Abstract:
We propose a methodology to conciliate two apparently contradictory processes in the development of secure obfuscated software and good software engineered software. Our methodology consists first in the system designers defining the type of security level required for the software. There are four types of attackers: casual attackers, hackers, institution attack, and government attack. Depending on the level of threat, the methodology we propose uses five or six teams to accomplish this task. One Software Engineer Team and one or two software Obfuscation Teams, and Compiler Team, these four teams will develop and compile the secure obfuscated software, a Code Breakers Team will test the results of the previous teams to see if the software is not broken at the required security level, and an Intrusion Analysis Team will analyze the results of the Code Breakers Team and propose solutions to the development teams to prevent the detected intrusions. We also present an analytical model to prove that our methodology is no only easier to use, but generates an economical way of producing secure obfuscated software.Keywords: development methodology, obfuscated software, secure software development, software engineering
Procedia PDF Downloads 252724 Secure Proxy Signature Based on Factoring and Discrete Logarithm
Authors: H. El-Kamchouchi, Heba Gaber, Fatma Ahmed, Dalia H. El-Kamchouchi
Abstract:
A digital signature is an electronic signature form used by an original signer to sign a specific document. When the original signer is not in his office or when he/she travels outside, he/she delegates his signing capability to a proxy signer and then the proxy signer generates a signing message on behalf of the original signer. The two parties must be able to authenticate one another and agree on a secret encryption key, in order to communicate securely over an unreliable public network. Authenticated key agreement protocols have an important role in building a secure communications network between the two parties. In this paper, we present a secure proxy signature scheme over an efficient and secure authenticated key agreement protocol based on factoring and discrete logarithm problem.Keywords: discrete logarithm, factoring, proxy signature, key agreement
Procedia PDF Downloads 312723 Importance of Hardware Systems and Circuits in Secure Software Development Life Cycle
Authors: Mir Shahriar Emami
Abstract:
Although it is fully impossible to ensure that a software system is quite secure, developing an acceptable secure software system in a convenient platform is not unreachable. In this paper, we attempt to analyze software development life cycle (SDLC) models from the hardware systems and circuits point of view. To date, the SDLC models pay merely attention to the software security from the software perspectives. In this paper, we present new features for SDLC stages to emphasize the role of systems and circuits in developing secure software system through the software development stages, the point that has not been considered previously in the SDLC models.Keywords: SDLC, SSDLC, software security, software process engineering, hardware systems and circuits security
Procedia PDF Downloads 261722 Wireless Transmission of Big Data Using Novel Secure Algorithm
Authors: K. Thiagarajan, K. Saranya, A. Veeraiah, B. Sudha
Abstract:
This paper presents a novel algorithm for secure, reliable and flexible transmission of big data in two hop wireless networks using cooperative jamming scheme. Two hop wireless networks consist of source, relay and destination nodes. Big data has to transmit from source to relay and from relay to destination by deploying security in physical layer. Cooperative jamming scheme determines transmission of big data in more secure manner by protecting it from eavesdroppers and malicious nodes of unknown location. The novel algorithm that ensures secure and energy balance transmission of big data, includes selection of data transmitting region, segmenting the selected region, determining probability ratio for each node (capture node, non-capture and eavesdropper node) in every segment, evaluating the probability using binary based evaluation. If it is secure transmission resume with the two- hop transmission of big data, otherwise prevent the attackers by cooperative jamming scheme and transmit the data in two-hop transmission.Keywords: big data, two-hop transmission, physical layer wireless security, cooperative jamming, energy balance
Procedia PDF Downloads 491721 A Secure Routing Algorithm for Underwater Wireless Sensor Networks
Authors: Seyed Mahdi Jameii
Abstract:
Underwater wireless sensor networks have been attracting the interest of many researchers lately, and the past three decades have beheld the rapid progress of underwater acoustic communication. One of the major problems in underwater wireless sensor networks is how to transfer data from the moving node to the base stations and choose the optimized route for data transmission. Secure routing in underwater wireless sensor network (UWCNs) is necessary for packet delivery. Some routing protocols are proposed for underwater wireless sensor networks. However, a few researches have been done on secure routing in underwater sensor networks. In this article, a secure routing protocol is provided to resist against wormhole and sybil attacks. The results indicated acceptable performance in terms of increasing the packet delivery ratio with regards to the attacks, increasing network lifetime by creating balance in the network energy consumption, high detection rates against the attacks, and low-end to end delay.Keywords: attacks, routing, security, underwater wireless sensor networks
Procedia PDF Downloads 419720 Implementation of a Virtual Testbed for Secure IoT Firmware Update Using Blockchain
Authors: Tarun Chand, Michael Jurczyk
Abstract:
With the increasing need and popularity of IoT devices and how integrated they are becoming in our daily lives and industries, these devices make for a very lucrative target for malicious actors. And since these devices have such limited resources, the implementation of robust security features is a tradeoff to be made for the actual functionality the device was intended for. This makes them an easy target with high returns. Several frameworks for the secure firmware update of these devices have been recently proposed in the literature. They focus on methods such as blockchains and distributed file systems to secure firmware updates, but do not go into the details of the actual implementation of these frameworks and the lower-level interactions among these methods used. This work integrates some of these security measures into one overall framework and details the actual lower-level implementation of this framework in a virtual dockerized testbed running on AWS.Keywords: blockchain, Ethereum, Geth, IPFS, secure IoT-firmware update, virtual testbed development
Procedia PDF Downloads 67719 Attachment and Memories: Activating Attachment in College Students through Narrative-Based Methods
Authors: Catherine Wright, Kate Luedke
Abstract:
This paper questions whether or not individuals who had been exposed to narratives describing secure and insecure-avoidant attachment styles experienced temporary changes in their attachment style when compared to individuals who had been exposed to neutral narratives. The Attachment Style Questionnaire (or ASQ) developed by Feeney, Noller, and Hanrahan in 1994 was utilized to assess attachment style. Participants filled out a truncated version of the ASQ prior to reading the respective narratives assigned to their groups, and filled out the entirety of the ASQ after reading the narratives. Utilizing a one-way independent groups ANOVA, researchers found that the group which read the insecure-avoidant narrative experienced a statistically significant decrease in secure attachment, as did the group which read the secure narrative. The control group, however, experienced a statistically significant increase in secure attachment. Based on these findings, researchers concluded that narratives may have the ability to call attention to parental shortcomings that individuals have experienced in the forms of reminding individuals of positive experiences that they were not able to experience while spending time with their parental figures and calling attention to the shortcomings of said parental figures by reminding them of the negative experiences which they did have with them.Keywords: attachment, insecure-avoidant, memory, secure
Procedia PDF Downloads 402718 Lifting Wavelet Transform and Singular Values Decomposition for Secure Image Watermarking
Authors: Siraa Ben Ftima, Mourad Talbi, Tahar Ezzedine
Abstract:
In this paper, we present a technique of secure watermarking of grayscale and color images. This technique consists in applying the Singular Value Decomposition (SVD) in LWT (Lifting Wavelet Transform) domain in order to insert the watermark image (grayscale) in the host image (grayscale or color image). It also uses signature in the embedding and extraction steps. The technique is applied on a number of grayscale and color images. The performance of this technique is proved by the PSNR (Pick Signal to Noise Ratio), the MSE (Mean Square Error) and the SSIM (structural similarity) computations.Keywords: lifting wavelet transform (LWT), sub-space vectorial decomposition, secure, image watermarking, watermark
Procedia PDF Downloads 276717 Secured Transmission and Reserving Space in Images Before Encryption to Embed Data
Authors: G. R. Navaneesh, E. Nagarajan, C. H. Rajam Raju
Abstract:
Nowadays the multimedia data are used to store some secure information. All previous methods allocate a space in image for data embedding purpose after encryption. In this paper, we propose a novel method by reserving space in image with a boundary surrounded before encryption with a traditional RDH algorithm, which makes it easy for the data hider to reversibly embed data in the encrypted images. The proposed method can achieve real time performance, that is, data extraction and image recovery are free of any error. A secure transmission process is also discussed in this paper, which improves the efficiency by ten times compared to other processes as discussed.Keywords: secure communication, reserving room before encryption, least significant bits, image encryption, reversible data hiding
Procedia PDF Downloads 413716 Optimized Approach for Secure Data Sharing in Distributed Database
Authors: Ahmed Mateen, Zhu Qingsheng, Ahmad Bilal
Abstract:
In the current age of technology, information is the most precious asset of a company. Today, companies have a large amount of data. As the data become larger, access to data for some particular information is becoming slower day by day. Faster data processing to shape it in the form of information is the biggest issue. The major problems in distributed databases are the efficiency of data distribution and response time of data distribution. The security of data distribution is also a big issue. For these problems, we proposed a strategy that can maximize the efficiency of data distribution and also increase its response time. This technique gives better results for secure data distribution from multiple heterogeneous sources. The newly proposed technique facilitates the companies for secure data sharing efficiently and quickly.Keywords: ER-schema, electronic record, P2P framework, API, query formulation
Procedia PDF Downloads 333715 Aliens in Space: Reflections on an Applied Theatre Project in a Medium Secure Hospital
Authors: Ashley Barnes
Abstract:
This paper will consider the ways in which varied notions of Space played a central role in a 12-week drama project with patients in a Medium Secure Hospital in the UK. In the project, the patients devised and performed a series of sketches, inspired by Science Fiction films, which echoed their own experience of alienation. During the project, the familiar and rigorously regulated Activity Room became a site of imagination, adventure and laughter; transforming the atmosphere of the hospital and allowing the patients to be transported to another space entirely. A space that was as much in their heads as in the physical domain. It will be argued that, although work created in an institution such as a Medium Secure Hospital is infused with hegemonic associations and meanings, the starting point for such work should be to seek an empty space in which the participants can allow their imaginations to be released. This work sits within a range of contexts and will be consciously interdisciplinary. It will draw from Human Geography and Criminology, as well as Performance and Applied Theatre Literature. It is hoped that this paper will build upon the literature that relates to the very particular environment of Secure Hospitals and to provide a starting point for further practical exploration.Keywords: criminal justice, mental health, science fiction films, space and place
Procedia PDF Downloads 223714 Verifiable Secure Computation of Large Scale Two-Point Boundary Value Problems Using Certificate Validation
Authors: Yogita M. Ahire, Nedal M. Mohammed, Ahmed A. Hamoud
Abstract:
Scientific computation outsourcing is gaining popularity because it allows customers with limited computing resources and storage devices to outsource complex computation workloads to more powerful service providers. However, it raises some security and privacy concerns and challenges, such as customer input and output privacy, as well as cloud cheating behaviors. This study was motivated by these concerns and focused on privacy-preserving Two-Point Boundary Value Problems (BVP) as a common and realistic instance for verifiable safe multiparty computing. We'll look at the safe and verifiable schema with correctness guarantees by utilizing standard multiparty approaches to compute the result of a computation and then solely using verifiable ways to check that the result was right.Keywords: verifiable computing, cloud computing, secure and privacy BVP, secure computation outsourcing
Procedia PDF Downloads 97713 Transforming Healthcare Data Privacy: Integrating Blockchain with Zero-Knowledge Proofs and Cryptographic Security
Authors: Kenneth Harper
Abstract:
Blockchain technology presents solutions for managing healthcare data, addressing critical challenges in privacy, integrity, and access. This paper explores how privacy-preserving technologies, such as zero-knowledge proofs (ZKPs) and homomorphic encryption (HE), enhance decentralized healthcare platforms by enabling secure computations and patient data protection. An examination of the mathematical foundations of these methods, their practical applications, and how they meet the evolving demands of healthcare data security is unveiled. Using real-world examples, this research highlights industry-leading implementations and offers a roadmap for future applications in secure, decentralized healthcare ecosystems.Keywords: blockchain, cryptography, data privacy, decentralized data management, differential privacy, healthcare, healthcare data security, homomorphic encryption, privacy-preserving technologies, secure computations, zero-knowledge proofs
Procedia PDF Downloads 20712 Secure Transmission Scheme in Device-to-Device Multicast Communications
Authors: Bangwon Seo
Abstract:
In this paper, we consider multicast device-to-device (D2D) direct communication systems in cellular networks. In multicast D2D communications, nearby mobile devices exchanges, their data directly without going through a base station and a D2D transmitter send its data to multiple D2D receivers that compose of D2D multicast group. We consider wiretap channel where there is an eavesdropper that attempts to overhear the transmitted data of the D2D transmitter. In this paper, we propose a secure transmission scheme in D2D multicast communications in cellular networks. In order to prevent the eavesdropper from overhearing the transmitted data of the D2D transmitter, a precoding vector is employed at the D2D transmitter in the proposed scheme. We perform computer simulations to evaluate the performance of the proposed scheme. Through the simulation, we show that the secrecy rate performance can be improved by selecting an appropriate precoding vector.Keywords: device-to-device communications, wiretap channel, secure transmission, precoding
Procedia PDF Downloads 293711 FLEX: A Backdoor Detection and Elimination Method in Federated Scenario
Authors: Shuqi Zhang
Abstract:
Federated learning allows users to participate in collaborative model training without sending data to third-party servers, reducing the risk of user data privacy leakage, and is widely used in smart finance and smart healthcare. However, the distributed architecture design of federation learning itself and the existence of secure aggregation protocols make it inherently vulnerable to backdoor attacks. To solve this problem, the federated learning backdoor defense framework FLEX based on group aggregation, cluster analysis, and neuron pruning is proposed, and inter-compatibility with secure aggregation protocols is achieved. The good performance of FLEX is verified by building a horizontal federated learning framework on the CIFAR-10 dataset for experiments, which achieves 98% success rate of backdoor detection and reduces the success rate of backdoor tasks to 0% ~ 10%.Keywords: federated learning, secure aggregation, backdoor attack, cluster analysis, neuron pruning
Procedia PDF Downloads 96710 New Approach for Constructing a Secure Biometric Database
Authors: A. Kebbeb, M. Mostefai, F. Benmerzoug, Y. Chahir
Abstract:
The multimodal biometric identification is the combination of several biometric systems. The challenge of this combination is to reduce some limitations of systems based on a single modality while significantly improving performance. In this paper, we propose a new approach to the construction and the protection of a multimodal biometric database dedicated to an identification system. We use a topological watermarking to hide the relation between face image and the registered descriptors extracted from other modalities of the same person for more secure user identification.Keywords: biometric databases, multimodal biometrics, security authentication, digital watermarking
Procedia PDF Downloads 391709 Providing a Secure Hybrid Method for Graphical Password Authentication to Prevent Shoulder Surfing, Smudge and Brute Force Attack
Authors: Faraji Sepideh
Abstract:
Nowadays, purchase rate of the smart device is increasing and user authentication is one of the important issues in information security. Alphanumeric strong passwords are difficult to memorize and also owners write them down on papers or save them in a computer file. In addition, text password has its own flaws and is vulnerable to attacks. Graphical password can be used as an alternative to alphanumeric password that users choose images as a password. This type of password is easier to use and memorize and also more secure from pervious password types. In this paper we have designed a more secure graphical password system to prevent shoulder surfing, smudge and brute force attack. This scheme is a combination of two types of graphical passwords recognition based and Cued recall based. Evaluation the usability and security of our proposed scheme have been explained in conclusion part.Keywords: brute force attack, graphical password, shoulder surfing attack, smudge attack
Procedia PDF Downloads 162