Big Data Security Issues (2014 Year in Review)

 

 

 

Big data security is a growing area of interest for researchers. The work presented here ranges from cyber-threat detection in critical infrastructures to privacy protection. This work was presented and published in 2014.

 

Mittal, D.; Kaur, D.; Aggarwal, A., "Secure Data Mining in Cloud Using Homomorphic Encryption," Cloud Computing in Emerging Markets (CCEM), 2014 IEEE International Conference on, pp.1,7, 15-17 Oct. 2014. doi: 10.1109/CCEM.2014.7015496

Abstract: With the advancement in technology, industry, e-commerce and research a large amount of complex and pervasive digital data is being generated which is increasing at an exponential rate and often termed as big data. Traditional Data Storage systems are not able to handle Big Data and also analyzing the Big Data becomes a challenge and thus it cannot be handled by traditional analytic tools. Cloud Computing can resolve the problem of handling, storage and analyzing the Big Data as it distributes the big data within the cloudlets. No doubt, Cloud Computing is the best answer available to the problem of Big Data storage and its analyses but having said that, there is always a potential risk to the security of Big Data storage in Cloud Computing, which needs to be addressed. Data Privacy is one of the major issues while storing the Big Data in a Cloud environment. Data Mining based attacks, a major threat to the data, allows an adversary or an unauthorized user to infer valuable and sensitive information by analyzing the results generated from computation performed on the raw data. This thesis proposes a secure k-means data mining approach assuming the data to be distributed among different hosts preserving the privacy of the data. The approach is able to maintain the correctness and validity of the existing k-means to generate the final results even in the distributed environment.

Keywords: Big Data; cloud computing; cryptography; data analysis; data mining; data privacy; Big Data; cloud computing; data analysis; data mining security; data privacy; data storage systems; homomorphic encryption; k-means data mining approach; Cloud computing; Data privacy; Databases; Encryption   (ID#:15-4017)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7015496&isnumber=7015466

 

Miloslavskaya, N.; Senatorov, M.; Tolstoy, A.; Zapechnikov, S., "Information Security Maintenance Issues for Big Security-Related Data," Future Internet of Things and Cloud (FiCloud), 2014 International Conference on, pp.361,366, 27-29 Aug. 2014. doi: 10.1109/FiCloud.2014.64

Abstract: The need to protect big data, particularly those relating to information security (IS) maintenance (ISM) of an enterprise's IT infrastructure, is shown. A worldwide experience of addressing big data ISM issues is briefly summarized and a big data protection problem statement is formulated. An infrastructure for big data ISM is proposed. New applications areas for big data IT after addressing ISM issues are listed in conclusion.

Keywords: Big Data; security of data; ISM; IT infrastructure; big data protection problem statement; big security-related data; information security maintenance; information security maintenance issues; Arrays; Big data; Data models; Data visualization; Distributed databases; Real-time systems; Security; big data; data visualization; information security; secure infrastructure; security-related data   (ID#:15-4018)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6984220&isnumber=6984143

 

Kan Yang; Xiaohua Jia; Kui Ren; Ruitao Xie; Liusheng Huang, "Enabling Efficient Access Control With Dynamic Policy Updating For Big Data In The Cloud," INFOCOM, 2014 Proceedings IEEE, pp.2013,2021, April 27 2014-May 2 2014. doi: 10.1109/INFOCOM.2014.6848142

Abstract: Due to the high volume and velocity of big data, it is an effective option to store big data in the cloud, because the cloud has capabilities of storing big data and processing high volume of user access requests. Attribute-Based Encryption (ABE) is a promising technique to ensure the end-to-end security of big data in the cloud. However, the policy updating has always been a challenging issue when ABE is used to construct access control schemes. A trivial implementation is to let data owners retrieve the data and re-encrypt it under the new access policy, and then send it back to the cloud. This method incurs a high communication overhead and heavy computation burden on data owners. In this paper, we propose a novel scheme that enables efficient access control with dynamic policy updating for big data in the cloud. We focus on developing an outsourced policy updating method for ABE systems. Our method can avoid the transmission of encrypted data and minimize the computation work of data owners, by making use of the previously encrypted data with old access policies. Moreover, we also design policy updating algorithms for different types of access policies. The analysis shows that our scheme is correct, complete, secure and efficient.

Keywords: Big Data; authorisation; cloud computing; cryptography; ABE; Big Data; access control; access policy; attribute-based encryption; cloud; dynamic policy updating; end-to-end security; outsourced policy updating method; Access control; Big data; Encryption; Public key; Servers; ABE; Access Control; Big Data; Cloud; Policy Updating   (ID#:15-4019)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6848142&isnumber=6847911

 

Marchal, S.; Xiuyan Jiang; State, R.; Engel, T., "A Big Data Architecture for Large Scale Security Monitoring," Big Data (BigData Congress), 2014 IEEE International Congress on, pp. 56, 63, June 27 2014-July 2 2014. doi: 10.1109/BigData.Congress.2014.18

Abstract: Network traffic is a rich source of information for security monitoring. However the increasing volume of data to treat raises issues, rendering holistic analysis of network traffic difficult. In this paper we propose a solution to cope with the tremendous amount of data to analyse for security monitoring perspectives. We introduce an architecture dedicated to security monitoring of local enterprise networks. The application domain of such a system is mainly network intrusion detection and prevention, but can be used as well for forensic analysis. This architecture integrates two systems, one dedicated to scalable distributed data storage and management and the other dedicated to data exploitation. DNS data, NetFlow records, HTTP traffic and honeypot data are mined and correlated in a distributed system that leverages state of the art big data solution. Data correlation schemes are proposed and their performances are evaluated against several well-known big data framework including Hadoop and Spark.

Keywords: Big Data; computer network security; data mining; digital forensics; storage management; telecommunication traffic; transport protocols; Big Data architecture; DNS data; HTTP traffic; Hadoop; NetFlow records; Spark; data correlation schemes; data exploitation; distributed system; forensic analysis; honeypot data; large scale security monitoring; local enterprise networks; network intrusion detection; network intrusion prevention; network traffic; scalable distributed data management; scalable distributed data storage; Big data; Correlation; Distributed databases; IP networks; Monitoring; Security   (ID#:15-4020)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6906761&isnumber=6906742

 

Peng Li; Song Guo, "Load Balancing For Privacy-Preserving Access To Big Data In Cloud," Computer Communications Workshops (INFOCOM WKSHPS), 2014 IEEE Conference on, pp. 524,  528, April 27 2014-May 2 2014. doi: 10.1109/INFCOMW.2014.6849286

Abstract: In the era of big data, many users and companies start to move their data to cloud storage to simplify data management and reduce data maintenance cost. However, security and privacy issues become major concerns because third-party cloud service providers are not always trusty. Although data contents can be protected by encryption, the access patterns that contain important information are still exposed to clouds or malicious attackers. In this paper, we apply the ORAM algorithm to enable privacy-preserving access to big data that are deployed in distributed file systems built upon hundreds or thousands of servers in a single or multiple geo-distributed cloud sites. Since the ORAM algorithm would lead to serious access load unbalance among storage servers, we study a data placement problem to achieve a load balanced storage system with improved availability and responsiveness. Due to the NP-hardness of this problem, we propose a low-complexity algorithm that can deal with large-scale problem size with respect to big data. Extensive simulations are conducted to show that our proposed algorithm finds results close to the optimal solution, and significantly outperforms a random data placement algorithm.

Keywords: Big Data; cloud computing; computational complexity; data protection; distributed databases; file servers; information retrieval; random processes; resource allocation; storage management; Big Data; NP-hardness; ORAM algorithm; cloud storage; data availability; data content protection; data maintenance cost reduction; data management; data placement problem; data security; distributed file system; encryption; file server; geo-distributed cloud site; load balanced storage system; low-complexity algorithm; privacy preserving access; random data placement algorithm; responsiveness; storage server; Big data; Cloud computing; Conferences; Data privacy; Random access memory; Security; Servers   (ID#:15-4021)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6849286&isnumber=6849127

 

Murthy, Praveen K., "Top Ten Challenges In Big Data Security And Privacy," Test Conference (ITC), 2014 IEEE International, pp.1,1, 20-23 Oct. 2014. doi: 10.1109/TEST.2014.7035307

Abstract: Security and privacy issues are magnified by the velocity, volume, and variety of Big Data, such as large-scale cloud infrastructures, diversity of data sources and formats, streaming nature of data acquisition and high volume inter-cloud migration. Therefore, traditional security mechanisms, which are tailored to securing small-scale, static (as opposed to streaming) data, are inadequate. In this talk we highlight the top ten Big Data security and privacy challenges. Highlighting the challenges will motivate increased focus on fortifying Big Data infrastructures.

Keywords:  (not provided)  (ID#:15-4022)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7035307&isnumber=7035243

 

Lei Xu; Pham Dang Khoa; Seung Hun Kim; Won Woo Ro; Weidong Shi, "LUT Based Secure Cloud Computing — An Implementation Using FPGAs," ReConFigurable Computing and FPGAs (ReConFig), 2014 International Conference on, pp. 1, 6, 8-10 Dec. 2014. doi: 10.1109/ReConFig.2014.7032537

Abstract: Cloud computing is widely deployed to handle challenges such as big data processing and storage. Due to the outsourcing and sharing feature of cloud computing, security is one of the main concerns that hinders the end users to shift their businesses to the cloud. A lot of cryptographic techniques have been proposed to alleviate the data security issues in cloud computing, but most of these works focus on solving a specific security problem such as data sharing, comparison, searching, etc. At the same time, little efforts have been done on program security and formalization of the security requirements in the context of cloud computing. We propose a formal definition of the security of cloud computing, which captures the essence of the security requirements of both data and program. Analysis of some existing technologies under the proposed definition shows the effectiveness of the definition. We also give a simple look-up table based solution for secure cloud computing which satisfies the given definition. As FPGA uses look-up table as its main computation component, it is a suitable hardware platform for the proposed secure cloud computing scheme. So we use FPGAs to implement the proposed solution for k-means clustering algorithm, which shows the effectiveness of the proposed solution.

Keywords: Big Data; cloud computing; field programmable gate arrays; pattern clustering; security of data; table lookup; FPGA; LUT based secure cloud computing; big data processing; cryptographic techniques; data security problem; data sharing; formalization; k-means clustering algorithm; look-up table; program security; secure cloud computing scheme; security requirements; suitable hardware platform; Cloud computing; Encryption; Field programmable gate arrays; Games; Table lookup   (ID#:15-4023)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7032537&isnumber=7032472

 

Vaarandi, R.; Pihelgas, M., "Using Security Logs for Collecting and Reporting Technical Security Metrics," Military Communications Conference (MILCOM), 2014 IEEE, pp.294, 299, 6-8 Oct. 2014. doi: 10.1109/MILCOM.2014.53

Abstract: During recent years, establishing proper metrics for measuring system security has received increasing attention. Security logs contain vast amounts of information which are essential for creating many security metrics. Unfortunately, security logs are known to be very large, making their analysis a difficult task. Furthermore, recent security metrics research has focused on generic concepts, and the issue of collecting security metrics with log analysis methods has not been well studied. In this paper, we will first focus on using log analysis techniques for collecting technical security metrics from security logs of common types (e.g., Network IDS alarm logs, workstation logs, and Net flow data sets). We will also describe a production framework for collecting and reporting technical security metrics which is based on novel open-source technologies for big data.

Keywords: Big Data; computer network security; big data; log analysis methods; log analysis techniques; open source technology; security logs; technical security metric collection; technical security metric reporting; Correlation; Internet; Measurement; Monitoring; Peer-to-peer computing; Security; Workstations; security log analysis; security metrics   (ID#:15-4024)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6956774&isnumber=6956719

 

Hyejung Moon; Hyun Suk Cho; Seo Hwa Jeong; Jangho Park, "Policy Design Based on Risk at Big Data Era: Case Study of Privacy Invasion in South Korea," Big Data (BigData Congress), 2014 IEEE International Congress on, pp.756,759, June 27 2014-July 2 2014. doi: 10.1109/BigData.Congress.2014.110

Abstract: This paper has conducted analyzing the accident case of data spill to study policy issues for ICT security from a social science perspective focusing on risk. The results from case analysis are as follows. First, ICT risk can be categorized 'severe, strong, intensive and individual' from the level of both probability and impact. Second, strategy of risk management can be designated 'avoid, transfer, mitigate, accept' by understanding their own culture type of relative group such as 'hierarchy, egalitarianism, fatalism and individualism'. Third, personal data has contained characteristics of big data such like 'volume, velocity, variety' for each risk situation. Therefore, government needs to establish a standing organization responsible for ICT risk policy and management in a new big data era. And the policy for ICT risk management needs to balance in considering 'technology, norms, laws, and market' in big data era.

Keywords: Big Data; data privacy; risk management; Big Data characteristics; Big Data laws; Big Data market; Big Data norms; Big Data technology; ICT risk based policy design; ICT risk management; ICT security; South Korea; culture type; data spill accident case analysis; data variety; data velocity; data volume; egalitarianism group; fatalism group; hierarchy group; impact level; individual ICT risk; individualism group; intensive ICT risk; personal data; privacy invasion; probability level; risk acceptance; risk avoidance; risk mitigation; risk transfer; severe ICT risk; social science perspective; strong ICT risk; Accidents; Big data; Data privacy; Moon; Privacy; Risk management; Security; ICT policy; big data; cultural types; privacy invasion; technological risk   (ID#:15-4025)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6906854&isnumber=6906742

 

Chandrasekaran, S.; Nandita, S.; Nikhil Arvind, R., "Social Network Security Management Model Using Unified Communications as a Service," Computer Applications and Information Systems (WCCAIS), 2014 World Congress on, pp. 1 ,5, 17-19 Jan. 2014. doi: 10.1109/WCCAIS.2014.6916652

Abstract: The objective of the paper is to propose a social network security management model for a multi-tenancy SaaS application using Unified Communications as a Service (UCaaS) approach. The earlier security management models do not cover the issues when data inadvertently get exposed to other users due to poor implementation of the access management processes. When a single virtual machine moves or dissolves in the network, many separate machines may bypass the security conditions that had been implemented for its neighbors which lead to vulnerability of the hosted services. When the services are multi-tenant, the issue becomes very critical due to lack of asynchronous asymmetric communications between virtual when more number of applications and users are added into the network creating big data issues and its identity. The TRAIN model for the security management using PC-FAST algorithm is proposed in order to detect and identify the communication errors between the hosted services.

Keywords: cloud computing; security of data; social networking (online); virtual machines; PC-FAST algorithm; TRAIN model; UCaaS approach; access management processes; asynchronous asymmetric communications; communication errors detection; communication errors identification; hosted services vulnerability; multitenancy SaaS application; multitenant services; security conditions; social network security management model; unified communications as a service; virtual machine; Authentication; Communities; Servers; Social network services; Software as a service; Switches; Software as a Service; UCaaS; multi-tenancy; security management; social networks; virtual machine   (ID#:15-4026)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6916652&isnumber=6916540

 

Baek, J.; Vu, Q.; Liu, J.; Huang, X.; Xiang, Y., "A Secure Cloud Computing Based Framework For Big Data Information Management Of Smart Grid," Cloud Computing, IEEE Transactions on, vol. PP, no. 99, pp. 1, 1, 19 September 2014. doi: 10.1109/TCC.2014.2359460

Abstract: Smart grid is a technological innovation that improves efficiency, reliability, economics, and sustainability of electricity services. It plays a crucial role in modern energy infrastructure. The main challenges of smart grids, however, are how to manage different types of front-end intelligent devices such as power assets and smart meters efficiently; and how to process a huge amount of data received from these devices. Cloud computing, a technology that provides computational resources on demands, is a good candidate to address these challenges since it has several good properties such as energy saving, cost saving, agility, scalability and flexibility. In this paper, we propose a secure cloud computing based framework for big data information management in smart grids, which we call “Smart-Frame.” The main idea of our framework is to build a hierarchical structure of cloud computing centers to provide different types of computing services for information management and big data analysis. In addition to this structural framework, we present a security solution based on identity-based encryption, signature and proxy re-encryption to address critical security issues of the proposed framework.

Keywords: Cloud computing; Computer architecture; Identity-based encryption; Information management; Smart grids   (ID#:15-4027)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6905754&isnumber=6562694

 

Silva Ferraz, F.; Guimaraes Ferraz, C.A., "Smart City Security Issues: Depicting Information Security Issues in the Role of an Urban Environment," Utility and Cloud Computing (UCC), 2014 IEEE/ACM 7th International Conference on, pp. 842, 847, 8-11 Dec. 2014. doi: 10.1109/UCC.2014.137

Abstract: For the first time in the history of humanity, more than half of the population is now living in big cities. This scenario has raised concerns related systems that provide basic services to citizens. Even more, those systems now have the responsibility to empower the citizen with information and values that may aid people on daily decisions, such as related to education, transport, health and others. This environment creates a set of services that, interconnected, can develop a brand new range of solutions that refers to a term often called System of Systems. In this matter, focusing in a smart city, new challenges related to information security raises, those concerns may go beyond the concept of privacy issues exploring situations where the entire environment could be affected by issues different than only break the confidentiality of a data. This paper intends to discuss and propose 9 security issues that can be part of a smart city environment, and that explores more than just citizens' privacy violations.

Keywords: data privacy; security of data; smart cities; big cities; information security; privacy issues; smart city security; urban environment; Cities and towns; Cloud computing; Information security; Intelligent sensors; Servers; information security; security issues; smart city   (ID#:15-4028)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7027604&isnumber=7027326

 

Majumder, A.; Majumdar, A.; Podder, T.; Kar, N.; Sharma, M., "Secure Data Communication And Cryptography Based On DNA Based Message Encoding," Advanced Communication Control and Computing Technologies (ICACCCT), 2014 International Conference on, pp. 360, 363, 8-10 May 2014. doi: 10.1109/ICACCCT.2014.7019464

Abstract: Secure data communication is the most important and essential issue in the area of message transmission over the networks. Cryptography provides the way of making secure message for confidential message transfer. Cryptography is the process of transforming the sender's message to a secret format called cipher text that only the intended receiver will understand the meaning of the secret message. Various cryptographic or DNA based encoding algorithms have been proposed in order to make secret message for communication. But all these proposed DNA based encryption algorithms are not secure enough to provide better security as compared with today's security requirement. In this paper, we have proposed a technique of encryption that will enhance the message security. In this proposed algorithm, a new method of DNA based encryption with a strong key of 256 bit is used. Along with this big size key various other encoding tools are used as key in the encoding process of the message like random series of DNA bases, modified DNA bases coding. Moreover a new method of round key selection is also given in this paper to provide better security in the message. The cipher text contains the extra bit of information as similar with the DNA strands that will provide better and enhanced security against intruder's attack.

Keywords: cryptography; DNA based encryption algorithm; DNA based message encoding; cipher text; confidential message transfer; cryptography; data communication security; Cryptography; DNA; Digital audio players; Ciphertext; Coded message; DNA sequence; Encoding tools; Final Cipher   (ID#:15-4029)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7019464&isnumber=7019129

 

Haoliang Lou; Yunlong Ma; Feng Zhang; Min Liu; Weiming Shen, "Data Mining For Privacy Preserving Association Rules Based On Improved MASK Algorithm," Computer Supported Cooperative Work in Design (CSCWD), Proceedings of the 2014 IEEE 18th International Conference on,  pp. 265, 270, 21-23 May 2014. doi: 10.1109/CSCWD.2014.6846853

Abstract: With the arrival of the big data era, information privacy and security issues become even more crucial. The Mining Associations with Secrecy Konstraints (MASK) algorithm and its improved versions were proposed as data mining approaches for privacy preserving association rules. The MASK algorithm only adopts a data perturbation strategy, which leads to a low privacy-preserving degree. Moreover, it is difficult to apply the MASK algorithm into practices because of its long execution time. This paper proposes a new algorithm based on data perturbation and query restriction (DPQR) to improve the privacy-preserving degree by multi-parameters perturbation. In order to improve the time-efficiency, the calculation to obtain an inverse matrix is simplified by dividing the matrix into blocks; meanwhile, a further optimization is provided to reduce the number of scanning database by set theory. Both theoretical analyses and experiment results prove that the proposed DPQR algorithm has better performance.

Keywords: data mining; data privacy; matrix algebra; query processing; DPQR algorithm; data mining; data perturbation and query restriction; data perturbation strategy; improved MASK algorithm; information privacy; inverse matrix; mining associations with secrecy constraints; privacy preserving association rules; scanning database; security issues; Algorithm design and analysis; Association rules; Data privacy; Itemsets; Time complexity; Data mining; association rules; multi-parameters perturbation; privacy preservation   (ID#:15-4030)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6846853&isnumber=6846800

 

Hassan, S.; Abbas Kamboh, A.; Azam, F., "Analysis of Cloud Computing Performance, Scalability, Availability, & Security," Information Science and Applications (ICISA), 2014 International Conference on, pp.1,5, 6-9 May 2014. doi: 10.1109/ICISA.2014.6847363

Abstract: Cloud Computing means that a relationship of many number of computers through a contact channel like internet. Through cloud computing we send, receive and store data on internet. Cloud Computing gives us an opportunity of parallel computing by using a large number of Virtual Machines. Nowadays, performance, scalability, availability and security may represent the big risks in cloud computing. In this paper we highlight the issues of security, availability and scalability issues and we will also identify that how we make our cloud computing based infrastructure more secure and more available. And we also highlight the elastic behavior of cloud computing. And some of characteristics which involved for gaining the high performance of cloud computing will also be discussed.

Keywords: cloud computing; parallel processing; security of data; virtual machines; Internet; cloud computing; parallel computing; scalability; security; virtual machine; Availability; Cloud computing; Computer hacking; Scalability   (ID#:15-4031)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6847363&isnumber=6847317

 

Butun, I.; Morgera, S.D.; Sankar, R., "A Survey of Intrusion Detection Systems in Wireless Sensor Networks," Communications Surveys & Tutorials, IEEE, vol. 16, no. 1, pp. 266, 282, First Quarter 2014. doi: 10.1109/SURV.2013.050113.00191

Abstract: Wireless Sensor Networking is one of the most promising technologies that have applications ranging from health care to tactical military. Although Wireless Sensor Networks (WSNs) have appealing features (e.g., low installation cost, unattended network operation), due to the lack of a physical line of defense (i.e., there are no gateways or switches to monitor the information flow), the security of such networks is a big concern, especially for the applications where confidentiality has prime importance. Therefore, in order to operate WSNs in a secure way, any kind of intrusions should be detected before attackers can harm the network (i.e., sensor nodes) and/or information destination (i.e., data sink or base station). In this article, a survey of the state-of-the-art in Intrusion Detection Systems (IDSs) that are proposed for WSNs is presented. Firstly, detailed information about IDSs is provided. Secondly, a brief survey of IDSs proposed for Mobile Ad-Hoc Networks (MANETs) is presented and applicability of those systems to WSNs are discussed. Thirdly, IDSs proposed for WSNs are presented. This is followed by the analysis and comparison of each scheme along with their advantages and disadvantages. Finally, guidelines on IDSs that are potentially applicable to WSNs are provided. Our survey is concluded by highlighting open research issues in the field.

Keywords: mobile ad hoc networks; telecommunication security; wireless sensor networks; IDS guidelines; MANET; intrusion detection systems; mobile ad hoc network; research issues; wireless sensor networks; Ad hoc networks; Intrusion detection; Mobile agents; Monitoring; Unified modeling language; Wireless sensor networks; IDS; MANET; WSN; intrusion detection; mobile ad hoc network; security; wireless sensor network   (ID#:15-4032)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6517052&isnumber=6734841

 

Miyoung Jang; Min Yoon; Jae-Woo Chang, "A Privacy-Aware Query Authentication Index For Database Outsourcing," Big Data and Smart Computing (BIGCOMP), 2014 International Conference on, pp.72,76, 15-17 Jan. 2014. doi: 10.1109/BIGCOMP.2014.6741410

Abstract: Recently, cloud computing has been spotlighted as a new paradigm of database management system. In this environment, databases are outsourced and deployed on a service provider in order to reduce cost for data storage and maintenance. However, the service provider might be untrusted so that the two issues of data security, including data confidentiality and query result integrity, become major concerns for users. Existing bucket-based data authentication methods have problem that the original spatial data distribution can be disclosed from data authentication index due to the unsophisticated data grouping strategies. In addition, the transmission overhead of verification object is high. In this paper, we propose a privacy-aware query authentication which guarantees data confidentiality and query result integrity for users. A periodic function-based data grouping scheme is designed to privately partition a spatial database into small groups for generating a signature of each group. The group signature is used to check the correctness and completeness of outsourced data when answering a range query to users. Through performance evaluation, it is shown that proposed method outperforms the existing method in terms of range query processing time up to 3 times.

Keywords: cloud computing; data integrity; data privacy; database indexing; digital signatures; outsourcing; query processing; visual databases; bucket-based data authentication methods; cloud computing; cost reduction; data confidentiality; data maintenance; data security; data storage; database management system; database outsourcing; group signature; periodic function-based data grouping scheme; privacy-aware query authentication index; query result integrity; range query answering; service provider; spatial data distribution; spatial database; unsophisticated data grouping strategy; verification object transmission overhead; Authentication; Encryption; Indexes; Query processing; Spatial databases; Data authentication index; Database outsourcing; Encrypted database; Query result integrity   (ID#:15-4033)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6741410&isnumber=6741395

 

Gaff, Brian M.; Sussman, Heather Egan; Geetter, Jennifer, "Privacy and Big Data," Computer, vol.47, no.6, pp.7,9, June 2014. doi: 10.1109/MC.2014.161

Abstract: Big data's explosive growth has prompted the US government to release new reports that address the issues--particularly related to privacy--resulting from this growth. The Web extra at http://youtu.be/j49eoe5g8-c is an audio recording from the Computing and the Law column, in which authors Brian M. Gaff, Heather Egan Sussman, and Jennifer Geetter discuss how big data's explosive growth has prompted the US government to release new reports that address the issues--particularly related to privacy--resulting from this growth.

Keywords: Big data; Data integration; Data privacy; Government; Privacy; Public policy; anonymization; big data; data analysis; data collection; data retention; de-identification; privacy; security   (ID#:15-4035)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6838869&isnumber=6838865

 

Sanger, J.; Richthammer, C.; Hassan, S.; Pernul, G., "Trust and Big Data: A Roadmap for Research," Database and Expert Systems Applications (DEXA), 2014 25th International Workshop on, pp. 278, 282, 1-5 Sept. 2014. doi: 10.1109/DEXA.2014.63

Abstract: We are currently living in the age of Big Data coming along with the challenge to grasp the golden opportunities at hand. This mixed blessing also dominates the relation between Big Data and trust. On the one side, large amounts of trust-related data can be utilized to establish innovative data-driven approaches for reputation-based trust management. On the other side, this is intrinsically tied to the trust we can put in the origins and quality of the underlying data. In this paper, we address both sides of trust and Big Data by structuring the problem domain and presenting current research directions and inter-dependencies. Based on this, we define focal issues which serve as future research directions for the track to our vision of Next Generation Online Trust within the FORSEC project.

Keywords: Big Data; trusted computing; Big Data; FORSEC project; data-driven approaches; focal issues; next generation online trust; reputation-based trust management; trust-related data; Big data; Cloud computing; Computer science; Conferences; Context; Data mining; Security; Big Data; reputation; trust   (ID#:15-4036)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6974862&isnumber=6974758

 

Babaie, T.; Chawla, S.; Ardon, S.; Yue Yu, "A Unified Approach To Network Anomaly Detection," Big Data (Big Data), 2014 IEEE International Conference on, pp. 650, 655, 27-30 Oct. 2014. doi: 10.1109/BigData.2014.7004288

Abstract: This paper presents a unified approach for the detection of network anomalies. Current state of the art methods are often able to detect one class of anomalies at the cost of others. Our approach is based on using a Linear Dynamical System (LDS) to model network traffic. An LDS is equivalent to Hidden Markov Model (HMM) for continuous-valued data and can be computed using incremental methods to manage high-throughput (volume) and velocity that characterizes Big Data. Detailed experiments on synthetic and real network traces show a significant improvement in detection capability over competing approaches. In the process we also address the issue of robustness of network anomaly detection systems in a principled fashion.

Keywords: Big Data; computer network security; hidden Markov models; Big Data; HMM; LDS; continuous-valued data; hidden Markov model; linear dynamical system; network anomaly detection; network traffic; Computer crime; Correlation; Hidden Markov models; IP networks; Kalman filters; Ports (Computers); Robustness   (ID#:15-4037)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7004288&isnumber=7004197

 

Conghuan Ye; Zenggang Xiong; Yaoming Ding; Jiping Li; Guangwei Wang; Xuemin Zhang; Kaibing Zhang, "Secure Multimedia Big Data Sharing in Social Networks Using Fingerprinting and Encryption in the JPEG2000 Compressed Domain," Trust, Security and Privacy in Computing and Communications (TrustCom), 2014 IEEE 13th International Conference on, pp.616,621, 24-26 Sept. 2014. doi: 10.1109/TrustCom.2014.79

Abstract: With the advent of social networks and cloud computing, the amount of multimedia data produced and communicated within social networks is rapidly increasing. In the meantime, social networking platform based on cloud computing has made multimedia big data sharing in social network easier and more efficient. The growth of social multimedia, as demonstrated by social networking sites such as Facebook and YouTube, combined with advances in multimedia content analysis, underscores potential risks for malicious use such as illegal copying, piracy, plagiarism, and misappropriation. Therefore, secure multimedia sharing and traitor tracing issues have become critical and urgent in social network. In this paper, we propose a scheme for implementing the Tree-Structured Harr (TSH) transform in a homomorphic encrypted domain for fingerprinting using social network analysis with the purpose of protecting media distribution in social networks. The motivation is to map hierarchical community structure of social network into tree structure of TSH transform for JPEG2000 coding, encryption and fingerprinting. Firstly, the fingerprint code is produced using social network analysis. Secondly, the encrypted content is decomposed by the TSH transform. Thirdly, the content is fingerprinted in the TSH transform domain. At last, the encrypted and fingerprinted contents are delivered to users via hybrid multicast-unicast. The use of fingerprinting along with encryption can provide a double-layer of protection to media sharing in social networks. Theory analysis and experimental results show the effectiveness of the proposed scheme.

Keywords: Big Data; cryptography; data compression; data protection; image coding; multimedia computing; social networking (online); transforms; JPEG2000 coding; JPEG2000 compressed domain; TSH transform; fingerprint code; fingerprinting; hierarchical community structure; homomorphic encryption; hybrid multicast-unicast; media distribution protection; secure multimedia big data sharing; social network analysis; tree-structured Harr transform; Communities; Encryption; Multimedia communication; Social network services; Transforms   (ID#:15-4038)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7011303&isnumber=7011202

 

Rashad Al-Dhaqm, A.M.; Othman, S.H.; Abd Razak, S.; Ngadi, A., "Towards Adapting Metamodelling Technique For Database Forensics Investigation Domain," Biometrics and Security Technologies (ISBAST), 2014 International Symposium on, pp.322,327, 26-27 Aug. 2014. doi: 10.1109/ISBAST.2014.7013142

Abstract: Threats which come from database insiders or database outsiders have formed a big challenge to the protection of integrity and confidentiality in many database systems. To overcome this situation a new domain called a Database Forensic (DBF) has been introduced to specifically investigate these dynamic threats which have posed many problems in Database Management Systems (DBMS) of many organizations. DBF is a process to identify, collect, preserve, analyse, reconstruct and document all digital evidences caused by this challenge. However, until today, this domain still lacks a standard and generic knowledge base for its forensic investigation methods / tools due to many issues and challenges in its complex processes. Therefore, this paper will reveal an approach adapted from a software engineering domain called metamodelling which will unify these DBF complex knowledge processes into an artifact, a metamodel (DBF Metamodel). In future, the DBF Metamodel could benefit many DBF investigation users such as database investigators, stockholders, and other forensic teams in offering various possible solutions for their problem domain.

Keywords: data privacy; database management systems; digital forensics; DBF complex knowledge processes; DBF metamodel; DBMS; database forensics investigation domain; database management systems; database system confidentiality protection; database system integrity protection; metamodelling technique; software engineering domain; Complexity theory; Database systems; Forensics; Organizations; Security; Servers; Database forensic; Database forensic investigation; Metamodel; Metamodelling; Model   (ID#:15-4039)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7013142&isnumber=7013076

 

Lei Xu; Chunxiao Jiang; Jian Wang; Jian Yuan; Yong Ren, "Information Security in Big Data: Privacy and Data Mining," Access, IEEE, vol.  2, no., pp.1149,1176, 2014. doi: 10.1109/ACCESS.2014.2362522

Abstract: The growing popularity and development of data mining technologies bring serious threat to the security of individual's sensitive information. An emerging research topic in data mining, known as privacy-preserving data mining (PPDM), has been extensively studied in recent years. The basic idea of PPDM is to modify the data in such a way so as to perform data mining algorithms effectively without compromising the security of sensitive information contained in the data. Current studies of PPDM mainly focus on how to reduce the privacy risk brought by data mining operations, while in fact, unwanted disclosure of sensitive information may also happen in the process of data collecting, data publishing, and information (i.e., the data mining results) delivering. In this paper, we view the privacy issues related to data mining from a wider perspective and investigate various approaches that can help to protect sensitive information. In particular, we identify four different types of users involved in data mining applications, namely, data provider, data collector, data miner, and decision maker. For each type of user, we discuss his privacy concerns and the methods that can be adopted to protect sensitive information. We briefly introduce the basics of related research topics, review state-of-the-art approaches, and present some preliminary thoughts on future research directions. Besides exploring the privacy-preserving approaches for each type of user, we also review the game theoretical approaches, which are proposed for analyzing the interactions among different users in a data mining scenario, each of whom has his own valuation on the sensitive information. By differentiating the responsibilities of different users with respect to security of sensitive information, we would like to provide some useful insights into the study of PPDM.

Keywords: Big Data; data acquisition; data mining; data protection; game theory; security of data; Big Data; PPDM; data collector; data miner; data provider; data publishing decision maker; game theory; information protection; information security; privacy preserving data mining; Algorithm design and analysis; Computer security; Data mining; Data privacy; Game theory; Privacy; Tracking; Data mining; anonymization; anti-tracking; data mining; game theory; privacy auction; privacy-preserving data mining; privacypreserving data mining; provenance; sensitive information   (ID#:15-4040)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6919256&isnumber=6705689

 

Ming Xiang; Tauch, S.; Liu, W., "Dependability and Resource Optimation Analysis for Smart Grid Communication Networks," Big Data and Cloud Computing (BdCloud), 2014 IEEE Fourth International Conference on , vol., no., pp.676,681, 3-5 Dec. 2014. doi: 10.1109/BDCloud.2014.115

Abstract: Smart Grid is the trend of next generation power distribution and network management that enable a two-way interactive communication and operation between consumers and suppliers, so as to achieve intelligent resource management and optimization. The wireless mesh network technology is a promising infrastructure solution to support these smart functionalities, while it has some inherent vulnerabilities and cyber-attack risks to be addressed. As Smart Grid is heavily relying on the underlie communication networks, which makes their security and dependability issues critical to the entire smart grid technology. Several studies have been conducted in the field of Smart Grid security, but few works were focused on the dependability and its associated resource analysis of the control center networks. In this paper, we have investigated the dependability modeling and also resource allocation in redundant communication networks by adopting two mathematical approaches, Reliability Block Diagrams (RBD) and Stochastic Petri Nets (SPNs), to analyze the dependability of control center networks in Smart Grid environment. We have applied our proposed modeling approach in an extensive case study to evaluate the availability of smart grid networks with different redundancy mechanisms. A combination of dependability models and reliability importance are used to analyze the network availability according to the most important components. We also show the variation of network availability in accordance with Mean Time to Failure (MTTF) in different network architectures.

Keywords: Petri nets; power distribution reliability; power system security; redundancy; resource allocation; smart power grids; stochastic programming; telecommunication network reliability; telecommunication security; wireless mesh networks; MTTF; RBD; SPN; cyber-attack risk; dependability modeling; intelligent resource management; mean time to failure; network management; next generation power distribution; redundancy mechanism; reliability block diagrams; resource allocation; resource resource optimization analysis; smart grid communication network reliability; smart grid security; stochastic Petri net; two-way interactive communication; underlie communication network; wireless mesh network technology; Availability; Computer architecture; Logic gates; Markov processes; Smart grids; Topology; Smart Grid; availability; dependability analysis; reliability importance; resource allocation; stochastic petri nets; wireless mesh network   (ID#:15-4041)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7034859&isnumber=7034739

 

Bertino, E.; Samanthula, B.K., "Security With Privacy - A Research Agenda," Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom), 2014 International Conference on, pp. 144, 153, 22-25 Oct. 2014. Doi: (not provided)

Abstract: Data is one of the most valuable assets for organization. It can facilitate users or organizations to meet their diverse goals, ranging from scientific advances to business intelligence. Due to the tremendous growth of data, the notion of big data has certainly gained momentum in recent years. Cloud computing is a key technology for storing, managing and analyzing big data. However, such large, complex, and growing data, typically collected from various data sources, such as sensors and social media, can often contain personally identifiable information (PII) and thus the organizations collecting the big data may want to protect their outsourced data from the cloud. In this paper, we survey our research towards development of efficient and effective privacy-enhancing (PE) techniques for management and analysis of big data in cloud computing. We propose our initial approaches to address two important PE applications: (i) privacy-preserving data management and (ii) privacy-preserving data analysis under the cloud environment. Additionally, we point out research issues that still need to be addressed to develop comprehensive solutions to the problem of effective and efficient privacy-preserving use of data.

Keywords: Big Data; cloud computing; data privacy; security of data; PE applications; PE techniques; PII; big data analysis; business intelligence; cloud computing; cloud environment; data sources; outsourced data; personally identifiable information; privacy-enhancing techniques; privacy-preserving data analysis; privacy-preserving data management; research agenda; security; social media; Big data; Cancer; Electronic mail; Encryption; Media; Privacy   (ID#:15-4042)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7014559&isnumber=7011734

 

Miyachi, T.; Yamada, T., "Current Issues and Challenges on Cyber Security For Industrial Automation And Control Systems," SICE Annual Conference (SICE), 2014 Proceedings of the, pp. 821, 826, 9-12 Sept. 2014. doi: 10.1109/SICE.2014.6935227

Abstract: This paper presents a survey on cyber security issues in current industrial automation and control systems, which also includes observations and insights collected and distilled through a series of discussion by some of major Japanese experts in this field. It also tries to provide a conceptual framework of those issues and big pictures of some ongoing projects to try to enhance it.

Keywords: industrial control; production engineering computing; security of data; IACS; cyber security; industrial automation and control systems; Control systems; IEC standards; Malware; Protocols; Cyber incident; cyber threat; security; vulnerability   (ID#:15-4043)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6935227&isnumber=6935176

 

Eckhoff, D.; Sommer, C., "Driving for Big Data? Privacy Concerns in Vehicular Networking," Security & Privacy, IEEE, vol. 12, no. 1, pp. 77, 79, Jan.-Feb. 2014. doi: 10.1109/MSP.2014.2

Abstract: Communicating vehicles will change road traffic as we know it. With current versions of European and US standards in mind, the authors discuss privacy and traffic surveillance issues in vehicular network technology and outline research directions that could address these issues.

Keywords: automobiles; data privacy; road traffic; surveillance; telecommunication standards; telecommunication traffic; vehicular ad hoc networks; European standards; US standards; communicating vehicles; privacy concerns; road traffic change; traffic surveillance; vehicular network technology; vehicular networking; Intelligent vehicles; Road traffic; Safety; Surveillance; Telecommunication standards; Wireless communication; ETSI; ITS; WAVE; intelligent transport system; vehicular network   (ID#:15-4044)

URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6756784&isnumber=6756734


Note: Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to news@scienceofsecurity.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.