Kim-Kwang Raymond Choo

Security, Privacy and Anonymity in Computation, Communication and Storage

Software defined networking (SDN) decouples the network control and data planes. The network intelligence and state are logically centralized and the underlying network infrastructure is abstracted from applications. SDN enhances network security by means of global visibility of the network state where a conflict can be easily resolved from the logically centralized control plane. Hence, the SDN architecture empowers networks to actively monitor traffic and diagnose threats to facilitates network forensics, security policy alteration, and security service insertion. The separation of the control and data planes, however, opens security challenges, such as man-in-the middle attacks, denial of service (DoS) attacks, and saturation attacks. In this paper, we analyze security threats to application, control, and data planes of SDN. The security platforms that secure each of the planes are described followed by various security approaches for network-wide security in SDN. SDN security is analyzed according to security dimensions of the ITU-T recommendation, as well as, by the costs of security solutions. In a nutshell, this paper highlights the present and future security challenges in SDN and future directions for secure SDN.

Efficient Identity-Based Encryption Scheme with Equality Test in Smart City

To support a sustainable development of smart city, smart grid is an indispensable part. Sensor technology in smart gird enables interactive real-time data transmission between cloud and the edge of the network. There are a number of research challenges in the design of smart grids. One of these research challenges is balancing customer privacy and the cloud-based power system’s function optimization. Identity-based encryption with equality test (IBEET) scheme has recently been identified as a viable solution, in which customers can delegate a trapdoor to the power system control server and the server then searches on the encrypted data to determine whether two different ciphertexts are encryptions of the same plaintext. Unfortunately, existing schemes are inefficient and the trapdoor could be used to perform equality test on any message; thus, leakage of privacy. In this paper, we propose an efficient IBEET scheme with bilinear pairing, which reduces the need for time-consuming HashToPoint function and each trapdoor could only be used to perform the equality test on a particular keyword. We then prove the security of our scheme for one-way chosen-ciphertext security against a chosen identity (OW-ID-CCA) attack in the random oracle model (ROM). The performance evaluation of our scheme demonstrates that in comparison to the scheme of Ma (2016), our scheme achieves a reduction of 36.7 and 39.24 percent in computation costs during the encryption phase and test phase, respectively.

Open Source Cloud Storage Forensics: ownCloud as a Case Study

The Storage as a Service (StaaS) cloud computing architecture is showing significant growth as users adopt the capability to store data in the cloud environment across a range of devices. Cloud (storage) forensics has recently emerged as a salient area of inquiry. Using a widely used open source cloud StaaS application—ownCloud—as a case study, we document a series of digital forensic experiments with the aim of providing forensic researchers and practitioners with an in-depth understanding of the artifacts required to undertake cloud storage forensics. Our experiments focus upon client and server artifacts, which are categories of potential evidential data specified before commencement of the experiments. A number of digital forensic artifacts are found as part of these experiments and are used to support the selection of artifact categories and provide a technical summary to practitioners of artifact types. Finally we provide some general guidelines for future forensic analysis on open source StaaS products.

Security and Privacy Challenges for Internet-of-Things and Fog Computing

Internet-of-Things (IoT) has been considered as a necessary part of our daily life with billions of IoT devices collecting data throughwireless technology and can interoperate within the existing Internet infrastructure. The new fog computing paradigm allows storing and processing data at the network edge or anywhere along the cloud-to-endpoint continuum, and it also overcomes the limitations of IoT devices and allows us to design a far more capable architecture. Unfortunately, this new IoT-Fog paradigm faces many new security and privacy issues, such as secure communication, authentication and authorization, and information confidentiality. Although the traditional cloud-based platform can even use heavyweight cryptosystem to enhance the security, it cannot be performed on the resource-constrained fog devices directly. Moreover, millions of smart fog devices are wildly distributed and located in different areas, which increases the risk of being compromised by some malicious parties. To address these arising challenges and opportunities different from traditional cloud-based architecture, all the papers chosen for this special issue represent recent progress in the field of security and privacy techniques relevant to the convergence of IoT with fog computing, including identity/attribute-based cryptography, system and software security, system and resource optimization, user privacy preservation, and data protection. Overall, our international editorial committee selected 17 papers among 70 submissions from both the theoretical and the practical side. All of these papers in this special issue not only provide novel ideas and state-of-the-art techniques in the field of IoT-Fog computing but also stimulate future research in the IoT-Fog computing environment.

Digital Forensic Data and Open Source Intelligence (DFINT+OSINT)

This chapter focuses on the externally sourced data aspect of the framework, and explores a process of data mining to extract entity information and a process of fusion with external source data to improve the knowledge discovery potential and intelligence from digital forensic data holdings.

Digital Forensic Data and Intelligence

This chapter examines the need for intelligence information in relation to digital forensic data holdings, and the potential to improve knowledge from a process of discovery. The need to undertake this in a timely manner is examined, including the potential for Digital Forensic Intelligence using a variety of disparate data, including DRbSI subsets, mobile device extracts, and other source data.

Summary of the Framework and DRbSI

The main theme of this research is an examination of the data volume issue affecting digital forensic analysis demands, and to research and propose valid methods to address the increasing volume of devices and data with methodologies encompassed in a framework which is applicable to real world investigation demands.

Digital Forensic Data Reduction by Selective Imaging

In the previous chapters, the focus of the research was outlined, current literature was discussed, and the proposed Digital Forensic Data Reduction Framework was explained. This chapter focuses on Step 5 of the framework and explores the process of data reduction using the proposed framework to guide the research.

Data Reduction of Mobile Device Extracts

In the previous chapter, the process of quick analysis of data subsets and full forensic images was detailed. This next chapter examines the process of data reduction and analysis of mobile phones and disparate devices.

Quick Analysis of Digital Forensic Data

In Volume 1, the Digital Forensic Data Reduction Framework was outlined, which includes the process of data reduction; Data Reduction by Selective Imaging (DRbSI).