nach oben

Erschienen in:

2024 | OriginalPaper | Buchkapitel

A Compliance-Enhancing Approach to Separated Continuous Auditing of Intelligent Endpoints Security in War Potential Network Based on Location-Sensitive Hashing

verfasst von : Hanrui Zhang, Chenrong Huang, Andrew Lyu

Erschienen in: Proceedings of the 13th International Conference on Computer Engineering and Networks

Verlag: Springer Nature Singapore

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

The War Potential Network (WPN) is critical infrastructure determining national security. With the recent trend of increasingly tense international situation, frequent occurrences of cyber-attacks, and the proliferation of new intelligent endpoint devices in WPN, the importance of Continuous Auditing (CA) for intelligent endpoints in WPN has become increasingly significant. Several researches have focused on the accuracy of CA. However, the information in WPN intelligent endpoint devices might have sensitive information. Some laws require computer systems to not disclose data containing national secrets, while certain legal regulations demand the protection of personal privacy. In order to meet compliance requirements, specific technologies have to be implemented in CA, while there are existing research gaps in this field. To fill the gap, this research proposed a compliance-enhancing approach based on Locality-Sensitive Hashing (LSH) and clustering method to enhance compliance in CA. In this approach, auditing nodes gathers encoded data which cannot be read by human, while can be analyzed by algorithms to conduct CA. To quantitatively evaluate this approach, this research also introduced an inference attacking method in WPN scenario as threat model. The research also evaluated the influence of the capability of the auditing object and the correctness of the auditing result, to prove our compliance-enhancing approach can achieve relatively good performance in different evaluation dimensions.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel RLOP: A Framework Design for Offset Prefetching Combined with Reinforcement Learning

Nächstes Kapitel Design and Implementation of an Embedded Streaming Terminal

Run, W., Yuhang, J.: A brief discussion on the new trends in network security under the background of cyber warfare. Netw. Secur. Technol. Appl. 269(05), 162–164 (2023)

Xin’an, Z.: The Russo-Ukrainian conflict rings the alarm bell for safeguarding network security. China Inf. Secur. 151(06), 5 (2022)

Dengguo, F., Min, Z., Hao, L.: Big data security and privacy protection. Chinese J. Comput. 37(01), 246–258 (2014)

Xiuxia, T., Xiaoling, W., Ming, G., et al.: Database services: security and privacy protection. J. Softw. 21(05), 991–1006 (2010)

Zhenfu, C., Xiaolei, D., Jun, Z., et al.: Research progress on big data security and privacy protection. J. Comput. Res. Develop. 53(10), 2137–2151 (2016)

Handong, W.: Institutional arrangements and legal regulations in the era of artificial intelligence. Legal Sci. (J. Northwest Univ. Polit. Sci. Law) 35(05), 128–136 (2017)

Yanping, X., Zhaofeng, M., Zhonghua, W., et al.: Overview of security for android smart terminals. J. Commun. 37(06), 169–184 (2016)

Guang, Y., Geng Guining, D., Jing, et al.: Security threats and measures in the internet of things. J. Tsinghua Univ. (Sci. Technol.) 51(10), 1335–1340 (2011)

Junzhou, L., Ming, Y., Zhen, L., et al.: Cyber security system and key technologies in cyberspace. Sci. Sin. Inf. 46(08), 939–968 (2016)CrossRef

10.

Wang, S., Chen, D., Wang, Z., et al.: A new solution of privacy-preserving public auditing scheme for cloud storage security. Telecommun. Sci. 28(9), 15–21 (2012)

11.

Yan, H., Liu, Y., Zhang, Z., et al.: Efficient privacy-preserving certificateless public auditing of data in cloud storage. Secur. Commun. Netw. 2021, 1–11 (2021)

12.

Anbuchelian, S., Sowmya, C.M., Ramesh, C.: Efficient and secure auditing scheme for privacy preserving data storage in cloud. Clust. Comput. 22, 9767–9775 (2019)CrossRef

13.

Wang, B., Li, B., Li, H.: Panda: Public auditing for shared data with efficient user revocation in the cloud. IEEE Trans. Serv. Comput. 8(1), 92–106 (2013)CrossRef

14.

Hussien, Z.A, Jin, H., Abduljabbar, Z.A., et al.: Public auditing for secure data storage in cloud through a third party auditor using modern ciphertext. In: 2015 11th International Conference on Information Assurance and Security (IAS), pp. 73–78. IEEE (2015)

15.

Datar, M., Immorlica, N., Indyk, P., et al.: Locality-sensitive hashing scheme based on p-stable distributions. In: Proceedings of the Twentieth Annual Symposium on Computational Geometry, pp. 253–262 (2004)

16.

Annoy. https://github.com/spotify/annoy, Accessed: 2023–05–01

17.

Dwork, C.: Differential privacy: a survey of results. In: Agrawal, M., Du, D., Duan, Z., Li, A. (eds.) TAMC 2008. LNCS, vol. 4978, pp. 1–19. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-79228-4_1CrossRef

18.

Yao A C. Protocols for secure computations. In: 23rd annual symposium on foundations of computer science (sfcs 1982), pp. 160–164. IEEE (1982)

19.

Yao A C C. How to generate and exchange secrets. In: 27th Annual Symposium on Foundations of Computer Science (Sfcs 1986), pp. 162–167. IEEE (1986)

20.

Gentry, C.: Fully homomorphic encryption using ideal lattices. In: Proceedings of the Forty-First Annual ACM Symposium on Theory of Computing, pp. 169–178 (2009)

21.

Araki, T., Furukawa, J., Lindell, Y., et al.: High-throughput semi-honest secure three-party computation with an honest majority. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 805–817 (2016)

22.

Halevi S, Shoup V. Algorithms in helib. In: Advances in Cryptology–CRYPTO 2014: 34th Annual Cryptology Conference, Santa Barbara, CA, USA, August 17–21, 2014, Proceedings, Part I, vol. 34, pp. 554–571. Springer, Berlin (2014)

23.

The Privacy Sandbox. https://privacysandbox.com/. Accessed: 2023–05–01

24.

Drebin Dataset. https://www.sec.cs.tu-bs.de/~danarp/drebin/index.html. Accessed:2023–05–01

25.

Koodous. https://koodous.com/. Accessed: 2023–05–01

Titel: A Compliance-Enhancing Approach to Separated Continuous Auditing of Intelligent Endpoints Security in War Potential Network Based on Location-Sensitive Hashing
verfasst von: Hanrui Zhang
Chenrong Huang
Andrew Lyu
Verlag: Springer Nature Singapore
Buch: Proceedings of the 13th International Conference on Computer Engineering and Networks
Print ISBN: 978-981-9992-46-1

Electronic ISBN: 978-981-9992-47-8

Copyright-Jahr: 2024
DOI: https://doi.org/10.1007/978-981-99-9247-8_11

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"