Types Of Adversaries Research Articles

Health Data Re-Identification: Assessing Adversaries and Potential Harms.

Sharing biomedical data for research can help to improve disease understanding and support the development of preventive, diagnostic, and therapeutic methods. However, it is vital to balance the amount of data shared and the sharing mechanism chosen with the privacy protection provided. This requires a detailed understanding of potential adversaries who might attempt to re-identify data and the consequences of their actions. The aim of this paper is to present a comprehensive list of potential types of adversaries, motivations, and harms to targeted individuals. A group of 13 researchers performed a three-step process in a one-day workshop, involving the identification of adversaries, the categorization by motivation, and the deduction of potential harms. The group collected 28 suggestions and categorized them into six types, each associated with several of six distinct harms. The findings align with previous efforts in structuring threat actors and outcomes and we believe that they provide a robust foundation for evaluating re-identification risks and developing protection measures in health data sharing scenarios.

Privacy and Robustness in Federated Learning: Attacks and Defenses.

As data are increasingly being stored in different silos and societies becoming more aware of data privacy issues, the traditional centralized training of artificial intelligence (AI) models is facing efficiency and privacy challenges. Recently, federated learning (FL) has emerged as an alternative solution and continues to thrive in this new reality. Existing FL protocol designs have been shown to be vulnerable to adversaries within or outside of the system, compromising data privacy and system robustness. Besides training powerful global models, it is of paramount importance to design FL systems that have privacy guarantees and are resistant to different types of adversaries. In this article, we conduct a comprehensive survey on privacy and robustness in FL over the past five years. Through a concise introduction to the concept of FL and a unique taxonomy covering: 1) threat models; 2) privacy attacks and defenses; and 3) poisoning attacks and defenses, we provide an accessible review of this important topic. We highlight the intuitions, key techniques, and fundamental assumptions adopted by various attacks and defenses. Finally, we discuss promising future research directions toward robust and privacy-preserving FL, and their interplays with the multidisciplinary goals of FL.

Approaches to Developing Key Distribution Protocols Based on Quantum Key Distribution

Quantum protocols for generating shared secret keys represent an effective method of ensuring secure information transmission using quantum communication channels. However, they are limited in scalability due to the physical constraints of quantum channels, which necessitates the use of classical communication channels for exchanging information between participants. This leads to the necessity of developing security threat models and network protection, especially in the case of hybrid networks, where quantum channels are used alongside classical ones. The peculiarity of constructing quantum key distribution protocols is associated with the costliness of implementation and implies the inevitable use of classical communication channels for key distribution. This paper addresses the task of ensuring the security of communication between subscribers not directly connected by quantum channels, through intermediary nodes, and analyzes threats from internal and external adversaries. Special attention is paid to situations where both types of adversaries have information about the processes and protocols in the network. The paper examines widely used key distribution protocols employed in practice. It describes the main security requirements applied to key distribution protocols, and presents the results of an analysis of the compliance of the discussed protocols with these requirements

Controllable forward secure identity-based encryption with equality test in privacy-preserving text similarity analysis

Text similarity measures have become increasingly pivotal in text-related research and applications, encompassing tasks such as information retrieval, text classification, document clustering. Unveiling the equality relationship between encrypted words is fundamental for ensuring privacy-preserving text similarity. Identity-based encryption with equality test (IBEET) emerges as a promising solution for computing similarity over encrypted data in cloud environment. However, prevalent IBEET schemes often lack control over the lifespan of trapdoors, potentially leading to misuse and unauthorized disclosure of users' privacy. In this paper, we introduce a novel primitive known as controllable forward secure identity-based encryption with equality test (CFS-IBEET), designed to support both permanent trapdoor and temporary trapdoor. We present a concrete CFS-IBEET scheme based on bilinear pairing and conduct a comprehensive security analysis against two types of adversaries in random oracle model. The comprehensive performance evaluation shows that our CFS-IBEET scheme offers significant advantages of high efficiency of encryption, decryption, trapdoor generation and test algorithms as well as the guarantee of controllable forward security, showcasing its applicability for collaborative filtering recommendation system in E-commerce age.

Leakage-Resilient Hybrid Signcryption in Heterogeneous Public-key Systems

Signcryption integrates both signature and encryption schemes into single scheme to ensure both content unforgeability (authentication) and message confidentiality while reducing computational complexity. Typically, both signers (senders) and decrypters (receivers) in a signcryption scheme belong to the same public-key systems. When signers and decrypters in a signcryption scheme belong to heterogeneous public-key systems, this scheme is called a hybrid signcryption scheme which provides more elastic usage than typical signcryption schemes. In recent years, a new kind of attack, named side-channel attack, allows adversaries to learn a portion of the secret keys used in cryptographic algorithms. To resist such an attack, leakage-resilient cryptography has been widely discussed and studied while a large number of leakage-resilient schemes have been proposed. Also, numerous hybrid signcryption schemes under heterogeneous public-key systems were proposed, but none of them possesses leakage-resilient property. In this paper, we propose the first hybrid signcryption scheme with leakage resilience, called leakage-resilient hybrid signcryption scheme, in heterogeneous public-key systems (LR-HSC-HPKS). Security proofs are demonstrated to show that the proposed scheme provides both authentication and confidentiality against two types of adversaries in heterogeneous public-key systems.

An Efficient and Provably Secure Identity Authentication Scheme for VANET

In recent years, many researchers have applied aggregated signature techniques to resource-constrained vehicular Ad Hoc networks (VANET) authentication scenarios. We reviewed two recent VANET authentication schemes based on certificateless aggregated signatures (CLAS) while demonstrating that neither of them is resistant to public key replacement attacks under their security models. An eavesdropper can successfully forge a legitimate signature to perform malicious operation. To further address the above security flaws, we propose an improved CLAS scheme for VANET. Considering that some researchers have briefly or even incorrectly used forking lemmas in their security proofs to prove an insecure CLAS scheme, we further improve and refine the security model and security proof method for CLAS, which make the proof process transparent by using general forking lemma. Based on these improvements, our scheme can resist attacks from two types of adversaries in the CLAS security model. In the final performance analysis, the improved CLAS scheme outperforms the secure related scheme of recent years in terms of both computational and communication efficiency. Therefore, our proposal is more suitable for resource-constrained VANET environments.

A secure and efficient certificateless authenticated key agreement protocol for smart healthcare

As more and more important smart healthcare becomes in people’s daily life, its security issues draw increasing attention. It is stringent to design trusty communication protocol guaranteeing the data security and users privacy. Recently, Wang et al. proposed a certificateless authenticated key agreement (CL-AKA) protocol such that providing a resolution to transmit unforged data over open channel in smart healthcare. Claiming that their protocol could resist attacks from two types of adversaries, Wang et al. also compared their protocol with several related works. However, in this paper, we analyze their protocol and point out that the protocol lacks forward security. Moreover, aiming at remedying such defects, this paper proposes an improved CL-AKA protocol. Not only does the improved CL-AKA protocol satisfy the security requirements but also behaves efficient compared with other related works.

Learning about simulated adversaries from human defenders using interactive cyber-defense games

Abstract Given the increase in cybercrime, cybersecurity analysts (i.e. defenders) are in high demand. Defenders must monitor an organization’s network to evaluate threats and potential breaches into the network. Adversary simulation is commonly used to test defenders’ performance against known threats to organizations. However, it is unclear how effective this training process is in preparing defenders for this highly demanding job. In this paper, we demonstrate how to use adversarial algorithms to investigate defenders’ learning using interactive cyber-defense games. We created an Interactive Defense Game (IDG) that represents a cyber-defense scenario, which requires monitoring of incoming network alerts and allows a defender to analyze, remove, and restore services based on the events observed in a network. The participants in our study faced one of two types of simulated adversaries. A Beeline adversary is a fast, targeted, and informed attacker; and a Meander adversary is a slow attacker that wanders the network until it finds the right target to exploit. Our results suggest that although human defenders have more difficulty to stop the Beeline adversary initially, they were able to learn to stop this adversary by taking advantage of their attack strategy. Participants who played against the Beeline adversary learned to anticipate the adversary’s actions and took more proactive actions, while decreasing their reactive actions. These findings have implications for understanding how to help cybersecurity analysts speed up their training.

A Linear Homomorphic Proxy Signature Scheme Based on Blockchain for Internet of Things

The mushroom growth of IoT has been accompanied by the generation of massive amounts of data. Subject to the limited storage and computing capabilities of most IoT devices, a growing number of institutions and organizations outsource their data computing tasks to cloud servers to obtain efficient and accurate computation while avoiding the cost of local data computing. One of the most important challenges facing outsourcing computing is how to ensure the correctness of computation results. Linearly homomorphic proxy signature (LHPS) is a desirable solution to ensure the reliability of outsourcing computing in the case of authorized signing right. Blockchain has the characteristics of tamper-proof and traceability, and is a new technology to solve data security. However, as far as we know, constructions of LHPS have been few and far between. In addition, the existing LHPS scheme does not focus on homomorphic unforgeability and does not use blockchain technology. Herein, we improve the security model of the LHPS scheme, and the usual existential forgery and homomorphic existential forgery of two types of adversaries are considered. Under the new model, we present a blockchain-based LHPS scheme. The security analysis shows that under the adaptive chosen message attack, the unforgeability of the proposed scheme can be reduced to the CDH hard assumption, while achieving the usual and homomorphic existential unforgeability. Moreover, compared with the previous LHPS scheme, the performance analysis shows that our scheme has the same key size and comparable computational overhead, but has higher security.

PERBANDINGAN ANTARA PERAN JAKSA DI INDONESIA DENGAN PERAN JAKSA DI DAERAH ADMINISTRASI KHUSUS MACAO DALAM SISTEM PERADILAN PIDANA MENURUT UNDANG-UNDANG DASAR

Macao's judicial system is rooted in the Portuguese judicial system (including Spain, Belgium and the Netherlands, all of which are rooted in the French judicial system), namely the inquisitor or non adversarial type of judiciary. is the term Magistrate is used in various systems of government and statutes to refer to the civil officers who administer the law. Both Indonesia and Macau adhere to the European continental legal system. However, in the role of the Prosecutor's Office and the Prosecutor's Office have differences and similarities in the implementation of their duties, functions and obligations. With this study of the role of the Prosecutor's Office, it is hoped that it can provide inspiration for the Attorney General's Office in Indonesia so that it can correct existing deficiencies. This research is a normative research (normative approach), that is, besides relying on normative research, the law is also coupled with a theoretical approach. Furthermore, in analyzing the data, a qualitative approach was used and it was also based on library-based studies, which means that the materials needed for research must be available in libraries, archives and databases, laws and other documents.

Fully Continuous Leakage-Resilient Certificate-Based Signcryption Scheme for Mobile Communications

Due to the popularity of mobile communication, many computing devices are exposed to remote environments without physical protection so that these devices easily suffer from leakage attacks (e.g., side-channel attacks). Under such leakage attacks, when a computing device performs some cryptographic algorithm, an adversary may acquire partial bits of secret keys participated in this cryptographic algorithm. To resist leakage attacks, researchers offer leakage-resilient cryptography as a solution. A signcryption scheme combines signing and encrypting processes to simultaneously provide both authentication and confidentiality, which is an important cryptographic primitive. Indeed, many leakage-resilient signcryption schemes under various public key system (PKS) settings were proposed. Unfortunately, these schemes still have two shortcomings, namely, bounded leakage resilience and conditionally continuous leakage resilience. In this paper, a “fully” continuous leakage-resilient certificate-based signcryption (FCLR-CBSC) scheme is proposed. Security analysis is formally proved to show that our scheme possesses both authentication and confidentiality against two types of adversaries in the certificate-based PKS setting. Performance analysis and simulation experience show that our scheme is suited to run on both a PC and a mobile device.

Survey and Taxonomy of Adversarial Reconnaissance Techniques

Adversaries are often able to penetrate networks and compromise systems by exploiting vulnerabilities in people and systems. The key to the success of these attacks is information that adversaries collect throughout the phases of the cyber kill chain. We summarize and analyze the methods, tactics, and tools that adversaries use to conduct reconnaissance activities throughout the attack process. First, we discuss what types of information adversaries seek and how and when they can obtain this information. Then, we provide a taxonomy and detailed overview of adversarial reconnaissance techniques. The taxonomy introduces a categorization of reconnaissance techniques based on the source as third-party and human-, and system-based information gathering. This article provides a comprehensive view of adversarial reconnaissance that can help in understanding and modeling this complex but vital aspect of cyber attacks as well as insights that can improve defensive strategies, such as cyber deception.

Cooperative distributed state estimation: resilient topologies against smart spoofers

A network of observers is considered, where through asynchronous (with bounded delay) communications, they cooperatively estimate the states of a linear time-invariant (LTI) system. In such a setting, a new type of adversary might affect the observation process by impersonating the identity of the regular node, which is a violation of communication authenticity. These adversaries also inherit the capabilities of Byzantine nodes, making them more powerful threats called smart spoofers. We show how asynchronous networks are vulnerable to smart spoofing attack. In the estimation scheme considered in this paper, information flows from the sets of source nodes, which can detect a portion of the state variables each, to the other follower nodes. The regular nodes, to avoid being misguided by the threats, distributively filter the extreme values received from the nodes in their neighborhood. Topological conditions based on strong robustness are proposed to guarantee the convergence. Two simulation scenarios are provided to verify the results.

Integrity Verification of Distributed Nodes in Critical Infrastructures.

The accuracy and reliability of time synchronization and distribution are essential requirements for many critical infrastructures, including telecommunication networks, where 5G technologies place increasingly stringent conditions in terms of maintaining highly accurate time. A lack of synchronization between the clocks causes a malfunction of the 5G network, preventing it from providing a high quality of service; this makes the time distribution network a very viable target for attacks. Various solutions have been analyzed to mitigate attacks on the Global Navigation Satellite System (GNSS) radio-frequency spectrum and the Precision Time Protocol (PTP) used for time distribution over the network. This paper highlights the significance of monitoring the integrity of the software and configurations of the infrastructural nodes of a time distribution network. Moreover, this work proposes an attestation scheme, based on the Trusted Computing principles, capable of detecting both software violations on the nodes and hardware attacks aimed at tampering with the configuration of the GNSS receivers. The proposed solution has been implemented and validated on a testbed representing a typical synchronization distribution network. The results, simulating various types of adversaries, emphasize the effectiveness of the proposed approach in a wide range of typical attacks and the certain limitations that need to be addressed to enhance the security of the current GNSS receivers.

Taxonomy of Attacks on Privacy-Preserving Record Linkage

Record linkage is the process of identifying records that corresponds to the same real-world entities across different databases. Due to the absence of unique entity identifiers, record linkage is often based on quasi-identifying values of entities (individuals) such as their names and addresses. However, regulatory ethical and legal obligations can limit the use of such personal information in the linkage process in order to protect the privacy and confidentiality of entities. Privacy-preserving record linkage (PPRL) aims to develop techniques that enable the linkage of records without revealing any sensitive or confidential information about the entities that are represented by these records. Over the past two decades various PPRL techniques have been proposed to securely link records between different databases by encrypting and/or encoding sensitive values. However, some PPRL techniques, such as popular Bloom filter encoding, have shown to be susceptible to privacy attacks. These attacks exploit the weaknesses of PPRL techniques by trying to reidentify encrypted and/or encoded sensitive values. In this paper we propose a taxonomy for analysing such attacks on PPRL where we categorise attacks across twelve dimensions, including different types of adversaries, different attack types, assumed knowledge of the adversary, the vulnerabilities of encoded and/or encrypted values exploited by an attack, and assessing the success of attacks. Our taxonomy can be used by data custodians to analyse the privacy risks associated with different PPRL techniques in terms of existing as well as potential future attacks on PPRL.

Summaries

Summaries

Strategic Substitution: China's Search for Coercive Leverage in the Information Age

Abstract China's approach to gaining coercive leverage in the limited wars that it has planned to fight against nuclear-armed adversaries differs from the choices of other states. A theory of strategic substitution explains why China relied on threats to use information-age weapons strategically instead of nuclear threats or conventional victories in the post–Cold War era. Information-age weapons (counterspace weapons, large-scale cyberattacks, and precision conventional missiles) promise to provide quick and credible coercive leverage if they are configured to threaten escalation of a conventional conflict using a “brinkmanship” or “calibrated escalation” force posture. China pursued information-age weapons when it faced a leverage deficit, defined as a situation in which a state's capabilities are ill-suited for the type of war and adversary that it is most likely to fight. China's search for coercive leverage to address those defi- cits became a search for substitutes because its leaders doubted the credibility of nuclear threats and were unable to quickly redress a disadvantage in the conventional military balance of power. A review of original Chinese-language written sources and expert interviews shows that China pursued a coercive cyberattack capability to address a leverage deficit after the United States bombed China's embassy in Belgrade in 1999. China's low dependence on information networks shaped its initial choice of a brinkmanship posture for large-scale offensive cyber operations. China switched to a calibrated escalation posture in 2014, following a dramatic increase in its vulnerability to cyberattacks.

Leakage Prediction in Machine Learning Models When Using Data from Sports Wearable Sensors.

One of the major problems in machine learning is data leakage, which can be directly related to adversarial type attacks, raising serious concerns about the validity and reliability of artificial intelligence. Data leakage occurs when the independent variables used to teach the machine learning algorithm include either the dependent variable itself or a variable that contains clear information that the model is trying to predict. This data leakage results in unreliable and poor predictive results after the development and use of the model. It prevents the model from generalizing, which is required in a machine learning problem and thus causes false assumptions about its performance. To have a solid and generalized forecasting model, which will be able to produce remarkable forecasting results, we must pay great attention to detecting and preventing data leakage. This study presents an innovative system of leakage prediction in machine learning models, which is based on Bayesian inference to produce a thorough approach to calculating the reverse probability of unseen variables in order to make statistical conclusions about the relevant correlated variables and to calculate accordingly a lower limit on the marginal likelihood of the observed variables being derived from some coupling method. The main notion is that a higher marginal probability for a set of variables suggests a better fit of the data and thus a greater likelihood of a data leak in the model. The methodology is evaluated in a specialized dataset derived from sports wearable sensors.

Online Coloring and a New Type of Adversary for Online Graph Problems

We introduce a new type of adversary for online graph problems thus allowing parametrized analysis of online algorithms with respect to a natural parameter. The new adversary is parameterized by a single integer \(\kappa \), which upper bounds the number of connected components that the adversary can use at any time during the presentation of the online graph G. We call this adversary “\(\kappa \)-components-bounded”, or \(\kappa \)-CB for short. On one hand, this adversary is restricted compared to the classical adversary because of the \(\kappa \)-CB constraint. On the other hand, we seek competitive ratios parameterized only by \(\kappa \) with no dependence on the input length n, thereby giving the new adversary power to use arbitrarily large inputs. We study online coloring under the \(\kappa \)-CB adversary. We obtain a finer analysis of the existing algorithms FirstFit and CBIP by computing their competitive ratios on trees and bipartite graphs under the new adversary: (1) Perhaps surprisingly, FirstFit outperforms CBIP on trees; (2) The competitive ratio of CBIP on bipartite graphs is simply \(\kappa \). We also study several well known classes of graphs, such as 3-colorable, \(C_k\)-free, d-inductive, planar, and bounded treewidth, with respect to online coloring under the \(\kappa \)-CB adversary. We demonstrate that the extra adversarial power of unbounded input length outweighs the restriction on the number of connected components leading to non-existence of competitive algorithms for these classes.

Leakage-Resilient Revocable Certificateless Encryption with an Outsourced Revocation Authority

To resolve both certificate management and key escrow problems, a certificateless public-key system (CLPKS) has been proposed. However, a CLPKS setting must provide a revocation mechanism to revoke compromised users. Thus, a revocable certificateless public-key system (RCLPKS) was presented to address the revocation issue and, in such a system, the key generation centre (KGC) is responsible to run this revocation functionality. Furthermore, a RCLPKS setting with an outsourced revocation authority (ORA), named RCLPKS-ORA setting, was proposed to employ the ORA to alleviate the KGC’s computational burden. Very recently it was noticed that adversaries may adopt side-channel attacks to threaten these existing conventional public-key systems (including CLPKS, RCLPKS and RCLPKS-ORA). Fortunately, leakage-resilient cryptography offers a solution to resist such attacks. In this article, the first leakage-resilient revocable certificateless encryption scheme with an ORA, termed LR-RCLE-ORA scheme, is proposed. The proposed scheme is formally shown to be semantically secure against three types of adversaries in the RCLPKS and RCLPKS-ORA settings while resisting side-channel attacks. In the proposed scheme, adversaries are allowed to continually extract partial ingredients of secret keys participated in various computational algorithms of the proposed scheme while retaining its security.