Vasilios Zorkadis

On neural network techniques in the secure management of communication systems through improving and quality assessing pseudorandom stream generators

Random components play an especially important role in the management of secure communication systems, with emphasis on the key management of cryptographic protocols. For this reason, the existence of strong pseudo random number generators is highly required. This paper presents novel techniques, which rely on Artificial Neural Network (ANN) architectures, to strengthen traditional generators such as IDEA and ANSI X.9 based on 3DES and IDEA. Additionally, this paper proposes a non-linear test method for the quality assessment of the required non-predictability property, which relies on feedforward neural networks. This non-predictability test method along with commonly used empirical tests based on statistics is proposed as a methodology for quality assessing strong pseudorandom stream generators. By means of this methodology, traditional and Neural Network based pseudorandom stream generators are evaluated. The results show that the proposed generators behave significantly better than the traditional ones, in particular, in terms of non-predictability.

2005 Special Issue: Efficient information theoretic strategies for classifier combination, feature extraction and performance evaluation in improving false positives and false negatives for spam e-mail filtering

Spam emails are considered as a serious privacy-related violation, besides being a costly, unsolicited communication. Various spam filtering techniques have been so far proposed, mainly based on Naïve Bayesian algorithms. Other Machine Learning algorithms like Boosting trees, or Support Vector Machines (SVM) have already been used with success. However, the number of False Positives (FP) and False Negatives (FN) resulting through applying various spam e-mail filters still remains too high and the problem of spam e-mail categorization cannot be solved completely from a practical viewpoint. In this paper, we propose a novel approach for spam e-mail filtering based on efficient information theoretic techniques for integrating classifiers, for extracting improved features and for properly evaluating categorization accuracy in terms of FP and FN. The goal of the presented methodology is to empirically but explicitly minimize these FP and FN numbers by combining high-performance FP filters with high-performance FN filters emerging from a previous work of the authors [Zorkadis, V., Panayotou, M., & Karras, D. A. (2005). Improved spam e-mail filtering based on committee machines and information theoretic feature extraction. Proceedings of the International Joint Conference on Neural Networks, July 31-August 4, 2005, Montreal, Canada]. To this end, Random Committee-based filters along with ADTree-based ones are efficiently combined through information theory, respectively. The experiments conducted are of the most extensive ones so far in the literature, exploiting widely accepted benchmarking e-mail data sets and comparing the proposed methodology with the Naive Bayes spam filter as well as with the Boosting tree methodology, the classification via regression and other machine learning models. It is illustrated by means of novel information theoretic measures of FP & FN filtering performance that the proposed approach is very favorably compared to the other rival methods. Finally, it is found that the proposed information theoretic Boolean features present a remarkably high spam categorization performance.

Improved spam e-mail filtering based on committee machines and information theoretic feature extraction

A novel approach for spam e-mail filtering is herein considered based on the committee machines neural network models and on information theoretic feature extraction. An extensive experimental study is organized, the most extensive so far in the literature, based on widely accepted benchmarking e-mail data sets, comparing the proposed methodology with the naive Bayes spam filter as well as with the boosting tree methodology, the linear models based classification (classification via regression) and the nonlinear models based classification using simple neural network models, including multilayer perceptrons. Moreover, several feature extraction approaches based on information theory are evaluated. It is shown that the committee machines mail categorization performance is compared very favorably to the other rival methods performance, including the Bayes spam filter which is the most widely used approach in the e-mail services market. It is, also, found that the proposed information theoretic Boolean features present a remarkably high spam categorization performance compared to their analog counterparts performance.

A novel suite of tests for evaluating one-way hash functions for electronic commerce applications

The quality of one-way functions determines, among other parameters, to great extent the security grant provided by cryptographic protocols which rely on them. The authors propose a novel evaluation methodology of one-way hash functions for security mechanisms of electronic commerce systems, such as for instance digital signatures. The methodology consists of three parts: the bit-variance test, the entropy assessment of the digests produced and the hash-function non modeling test. The bit-variance test shows the impact of small changes of the input message in the digest output. The entropy assessment of the hash function values is its information measure, and therefore a measure of the difficulty to find two or more messages that lend themselves to a given digest. On the other hand, the non modeling test (based on neural networks) should show the impossibility of modeling the one-way hash function by neural network architectures, having the ability to approximate arbitrary real functions. Otherwise, it would indicate feasibility in modeling the hash functions by artificial intelligence techniques, and consequently in reducing the processing effort required to break them. The application of the suggested methodology to the well known MD5 one-way function reveals its potential to hash function quality characteristic evaluation. The proposed methodology may be applied in conjunction with other methods described in the technical literature.

On privacy-enhancing architectures for distribution of real time performance demanding mobile services

While the usage of Mobile Services creation and Distribution Management Systems (MSDMS) increases dramatically during the web 2.0 era nowadays, it unavoidably leads to collection and processing of personal data with many complains from the consumer/user side (see e.g., Facebook problems). To address these problems, we define privacy-related requirements to support designing privacy-friendly mobile services distribution management schemes, especially in the case of collaborative mobile services. Furthermore, we propose a privacy-enhancing MSDMS model, integrating anonymous transactions and other privacy-friendly operation-related components. The proposed architecture makes possible a high degree of interactivity and guarantees low load on the server.

Strong Pseudorandom Bit Sequence Generators Using Neural Network Techniques and Their Evaluation for Secure Communications

Random components play an especially important role in secure electronic commerce and multimedia communications. For this reason, the existence of strong pseudo random number generators is highly required. This paper presents novel techniques, which rely on artificial neural network architectures, to strengthen traditional generators such as ANSI X.9 based on DES and IDEA. Additionally, this paper proposes a test method for evaluating the required non-predictability property, which also relies on neural networks. This non-predictability test method along with commonly used statistical and nonlinearity tests are suggested as methodology for the evaluation of strong pseudo random number generators. By means of this methodology, traditional and proposed generators are evaluated. The results show that the proposed generators behave significantly better than the traditional, in particular, in terms of nonpredictability.

Maximum Entropy Oriented Anonymization Algorithm for Privacy Preserving Data Mining

This work introduces a new concept that addresses the problem of preserving privacy when anonymising and publishing personal data collections. In particular, a maximum entropy oriented algorithm to protect sensitive data is proposed. As opposed to k-anonymity, l-diversity and t-closeness, the proposed algorithm builds equivalence classes with possibly uniformly distributed sensitive attribute values, probably by means of noise, and having as a lower limit the entropy of the distribution of the initial data collection, so that background information cannot be exploited to successfully attack the privacy of data subjects data refer to. Furthermore, existing privacy and information loss related metrics are presented, as well as the algorithm implementing the maximum entropy anonymity concept. From a privacy protection perspective, the achieved results are very promising, while the suffered information loss is limited.

On Efficient Security Modelling of Complex Interconnected Communication Systems based on Markov Processes

While interconnected systems proliferate in nowadays computing and communications technology there are few reports investigating their security. In this paper, new efficient models are developed and evaluated for analyzing the security-related behavior of computing architectures and networks comprising complex interconnected communication systems adapted towards a generalized analysis. These models, based on Markov processes, allow calculation of critical security factors, related to intrusion detection, of such interconnected systems components and the evaluation of the associated security mechanisms. Although, at this step two interconnected systems are analyzed, the systematic model introduced allows for a generalized model of N interconnected systems. We herein show the principles of such an analysis. Security parameters calculation and Security mechanisms evaluation may support the risk analysis and the decision making process in resolving the trade-offs between security and quality of service characteristics corresponding to the complex interconnected computing and communication systems.