Browsing by Subject "Honey Encryption"

Filter results by typing the first few letters
Now showing 1 - 2 of 2
  • Thumbnail Image
    ItemOpen Access
    Privacy protection for spatial trajectories against brute-force attacks
    (2018-08) Arslan, Dorukhan
    The prevalence of Global Positioning System (GPS) equipped mobile devices and wireless communication technologies have resulted in widespread development of location-based services (LBS). As some typical examples of LBS, routing, tracking, local search, social networking, and context advertising can be given. In terms of update frequency of location, LBS are divided into two categories: snapshot and continuous. Snapshot LBS request a user's location only once to control features. Continuous LBS, on the other hand, require a user's location in a dynamically periodic or on-demand manner. In the course of interaction with a continuous LBS application, the user reveals a sequence of location samples, namely, spatial trajectory, to service provider. Trajectory privacy in such services is of great importance, since adversaries may use the spatio-temporal sequential pattern to disclose the user's personally identi able information (PII) with high certainty. In order to prevent this from happening, service providers generally encrypt spatial trajectory data under the user's password, and then store in their databases. However, potential adversaries may decrypt the encrypted database via a brute-force attack. In other words, they try every possible value for a password until success is achieved. Although using high-entropy passwords have caused inconvenience for adversaries, the encryption schemes of service providers are vulnerable to this type of an attack due to the tendency of users to choose weak passwords. Also, if the rapid evaluation of computing technology and algorithmic advances are taken into consideration, even the use of a large password domain with conventional encryption can lead to the success of a brute-force attack that became feasible computationally. Thus it is crucial to assess privacy threats and take security countermeasures for spatial trajectories. We present a system that incorporates honey encryption (HE) scheme that provides security beyond the brute-force bound in order to o er absolute protection for spatial trajectories against data breaches that involve computationally unbounded adversary. Our technique guarantees that decryption under any password will yield a plausible-looking trajectory. If an adversary decrypts an encrypted trajectory with a wrong password, it cannot eliminate that password, since the system returns an incorrect trajectory that is impossible to distinguish from the correct one. To e ciently encode and decode a spatial trajectory, we build a precise tree-based distribution transforming encoder (DTE) as the fundamental requirement of HE. In addition, we introduce the methods to dynamically update the proposed DTE. To prove the security guarantee of our system, we evalute it considering several attacks with and without side information using a real-life GPS sampling data set taken from 537 taxis over 30 days.
  • Thumbnail Image
    ItemOpen Access
    A privacy-preserving solution for storage and processing of personal health records against brute-force attacks
    (2017-09) Dilmaghani, Saharnaz Esmaeilzadeh
    There is a crucial need for protecting patient's sensitive information, such as personal health record (PHR), from unauthorized users due to the increase in demands of electronic health records. Even though cryptography systems have been signi cantly developed, cyber attack is dramatically increased during the last couple of years. Although using high entropy passwords in the encryption methods can decrease the success of an adversarial attack, it is not popular among the users to choose such passwords. However, using a weak password makes the system vulnerable to brute-force attacks. Towards this end, we present a new framework as a solution for a secure storage of PHR data regardless of the password entropy. Our system is an application of Honey Encryption (HE) scheme which is a new approach that provides a security beyond the brute-force bound and therefore dominates the Password Based Encryption (PBE). We utilize almost 10K patients' information from various datasets in order to construct a precise encoder/ decoder model as a core element of HE. By providing the proposed model, we ensure that the encryption with invalid keys yields a valid-looking but incorrect health information of a patient to an adversary. The previous applications of HE are mainly on the static datasets that are not changing over the time. However, we were able to design an HE based model on a highly dynamic dataset of PHR. To the best of our knowledge, we are the rst to provide a robust password based framework against brute-force attacks of health records regardless of the password entropy. The results of the comparing our proposed encoding method with the direct application of the PBE scheme show that it is almost impossible for an adversary to eliminate any wrong password. We also consider real-life scenarios for di erent attacks with side information about a patient's health related attributes. We implement a robust and concrete framework for storing and processing the PHRs that is also a novel, practical solution for protecting PHR data.