Suresh Veluru

User Collusion Avoidance Scheme for Privacy-Preserving Decentralized Key-Policy Attribute-Based Encryption

Decentralized attribute-based encryption (ABE) is a variant of a multiauthority ABE scheme where each authority can issue secret keys to the user independently without any cooperation and a central authority. This is in contrast to the previous constructions, where multiple authorities must be online and setup the system interactively, which is impractical. Hence, it is clear that a decentralized ABE scheme eliminates the heavy communication cost and the need for collaborative computation in the setup stage. Furthermore, every authority can join or leave the system freely without the necessity of reinitializing the system. In contemporary multiauthority ABE schemes, a users secret keys from different authorities must be tied to his global identifier (GID) to resist the collusion attack. However, this will compromise the users privacy. Multiple authorities can collaborate to trace the user by his GID, collect his attributes, then impersonate him. Therefore, constructing a decentralized ABE scheme with privacy-preserving remains a challenging research problem. In this paper, we propose a privacy-preserving decentralized key-policy ABE scheme where each authority can issue secret keys to a user independently without knowing anything about his GID. Therefore, even if multiple authorities are corrupted, they cannot collect the users attributes by tracing his GID. Notably, our scheme only requires standard complexity assumptions (e.g., decisional bilinear Diffie-Hellman) and does not require any cooperation between the multiple authorities, in contrast to the previous comparable scheme that requires nonstandard complexity assumptions (e.g., q-decisional Diffie-Hellman inversion) and interactions among multiple authorities. To the best of our knowledge, it is the first decentralized ABE scheme with privacy-preserving based on standard complexity assumptions.

E-mail address categorization based on semantics of surnames

Surname (family name) analysis is used in geography to understand population origins, migration, identity, social norms and cultural customs. Some of these are supposedly evolved over generations. Surnames exhibit good statistical properties that can be used to extract information in names data set such as automatic detection of ethnic or community groups in names. An e-mail address, often contains surname as a substring. This containment may be full or partial. An e-mail address categorization based on semantics of surnames is the objective of this paper. This is achieved in two phases. First phase deals with surname representation and clustering. Here, a vector space model is proposed where latent semantic analysis is performed. Clustering is done using the method called average-linkage method. In the second phase, an email is categorized as belonging to one of the categories (discovered in first phase). For this, substring matching is required, which is done in an efficient way by using suffix tree data structure. We perform experimental evaluation for the 500 most frequently occurring surnames in India and United Kingdom. Also, we categorize the e-mail addresses that have these surnames as substrings.

Entropy clustering approach for improving forecasting in DDoS attacks

Volume anomaly such as distributed denial-of-service (DDoS) has been around for ages but with advancement in technologies, they have become stronger, shorter and weapon of choice for attackers. Digital forensic analysis of intrusions using alerts generated by existing intrusion detection system (IDS) faces major challenges, especially for IDS deployed in large networks. In this paper, the concept of automatically sifting through a huge volume of alerts to distinguish the different stages of a DDoS attack is developed. The proposed novel framework is purpose-built to analyze multiple logs from the network for proactive forecast and timely detection of DDoS attacks, through a combined approach of Shannon-entropy concept and clustering algorithm of relevant feature variables. Experimental studies on a cyber-range simulation dataset from the project industrial partners show that the technique is able to distinguish precursor alerts for DDoS attacks, as well as the attack itself with a very low false positive rate (FPR) of 22.5%. Application of this technique greatly assists security experts in network analysis to combat DDoS attacks.

Multi-Agent based Framework for Time-correlated Alert Detection of Volume Attacks

Recent and emerging cyber-threats have justified the need to keep improving the network security technologies such as Intrusion Detection Systems (IDSs) to keep it abreast with the rapidly evolving technologies subsequently creating diverse security challenges. A post-processing filter is required to reduce false positives and large number of alerts generated by network-based IDSs for the timely detection of intrusions. This paper investigates statistical-based detection approach for volume anomaly such as Distributed Denial-of-Service (DDoS) attacks, through the use of multi-agent framework that hunt for time-correlated abnormalities in different behaviours of network event. Employing statistical process-behaviour charts of Exponentially Weighted Moving Average (EWMA) one-step-ahead forecasting technique, the framework correlates undesirable deviations in order to identify abnormal patterns and raise alarm. This paper provides the architecture and mathematical foundation of the proposed framework prototype, describing the specific implementation and testing of the approach based on a network log generated from a 2012 cyber range simulation experiment as well as the DARPA 2000 datasets. Its effectiveness in detecting time-correlated anomaly alerts, reducing the number of alerts and false positive alarms from the IDS output is evaluated in this paper.

The Uncertainty of Identity Toolset: Analysing Digital Traces for User Profiling

People manage a spectrum of identities in cyber domains. Profiling individuals and assigning them to distinct groups or classes have potential applications in targeted services, online fraud detection, extensive social sorting, and cyber-security. This paper presents the Uncertainty of Identity Toolset, a framework for the identification and profiling of users from their social media accounts and e-mail addresses. More specifically, in this paper we discuss the design and implementation of two tools of the framework. The Twitter Geographic Profiler tool builds a map of the ethno-cultural communities of a persons friends on Twitter social media service. The E-mail Address Profiler tool identifies the probable identities of individuals from their e-mail addresses and maps their geographical distribution across the UK. To this end, this paper presents a framework for profiling the digital traces of individuals.

Correlated Community Estimation Models Over a Set of Names

Generally surnames (family name) or forenames are evolved over generations which can be used to understand population origins, migration, identity, social norms and cultural customs. These forenames or surnames may have hidden structure associated with them called communities. Each community might have strong correlation among several forenames and surnames. In addition, the correlation might be across communities of forenames or surnames. Popular statistical generative model such as Latent Dirichlet Allocation (LDA) has been developed to find topics in a corpus of documents. However, the LDA model can be proposed to identify hidden communities in names data set. This paper proposes several variants of latent Dirichlet allocation models to capture correlation between surnames and forenames within the communities and across the communities over a set of names collected at different locations. Initially, we propose surname correlated LDA model and forename correlated LDA model. These models identify communities in surnames or forenames and extract corresponding correlated forenames or surnames in each community respectively. Later, we propose surname community correlated LDA model and forename community correlated LDA model. These models estimate correlation among each surname community to the communities of forenames and vice versa respectively. We experiment for India and United Kingdom names data sets and conclusions are drawn.

A Review on Intrusion Detection Techniques and Intrusion Detection Systems in MANETs

Over past few years, among wireless technologies, MANETs has become one of the most important and effective area in extending research capabilities. A great array of scope is lying as platform for research scholars as MANETs are vulnerable to attacks because of their high volatility in location and motion. Protocols assume that no malicious intruder node is present, which impacts all the layers by some means, chiefly, the network layer. This paper is a brief review on such attacks whose focus is on degrading MANETs efficiency. It extends in apprising well identified intrusion detection and detection techniques for wide range of attacks. Also, a comprehensive study is carried on the said area to forecast and explore on futuristic research areas. The findings of this review should provide useful insights into the current IDS literature and be a good source for anyone who is interested in the approaches to intrusion detection techniques and systems.