Yogachandran Rahulamathavan

Facial Expression Recognition in the Encrypted Domain Based on Local Fisher Discriminant Analysis

Facial expression recognition forms a critical capability desired by human-interacting systems that aim to be responsive to variations in the humans emotional state. Recent trends toward cloud computing and outsourcing has led to the requirement for facial expression recognition to be performed remotely by potentially untrusted servers. This paper presents a system that addresses the challenge of performing facial expression recognition when the test image is in the encrypted domain. More specifically, to the best of our knowledge, this is the first known result that performs facial expression recognition in the encrypted domain. Such a system solves the problem of needing to trust servers since the test image for facial expression recognition can remain in encrypted form at all times without needing any decryption, even during the expression recognition process. Our experimental results on popular JAFFE and MUG facial expression databases demonstrate that recognition rate of up to 95.24 percent can be achieved even in the encrypted domain.

Optimal subcarrier and bit allocation techniques for cognitive radio networks using integer linear programming

We propose an adaptive radio resource allocation algorithm for cognitive radio underlay networks. The proposed algorithm optimally allocates power and the available subcarriers in an OFDMA environment while ensuring interference leaked to the primary users is below a specific value. We formulate the radio resource allocation problem for cognitive radio network into integer linear programming framework. This algorithm yields an optimal solution for the proposed resource allocation problem. Simulation results have been provided to validate the performance of the algorithm.

Low Complexity Multi-authority Attribute Based Encryption Scheme for Mobile Cloud Computing

In multi-authority attribute based encryption (MA-ABE) schemes, multiple authorities monitor different set of attributes and the corresponding shared-decryption-keys. In such schemes the encrypt or can encrypt a message and upload to the cloud, whereas only users who satisfy a set of attributes from each authority can decrypt that message. We extend the well-known Chase and Chows scheme \cite{imaabe} for mobile users by introducing a cloud based semi-trusted-authority (STA) between the mobile user and attribute authorities. In this work, substantial amount of communications and computations are outsourced to the STA without compromising the security and privacy of the MA-ABE scheme. The STA interacts with the attribute-authorities on behalf of the user and obtains the masked shared-decryption-keys. Later the STA combines all the keys and gets one masked-key which can only be unmasked by a user to decrypt the message. In particular, STA cannot decrypt the message nor determine the attributes of the mobile user, hence, the security and privacy of the proposed MA-ABE scheme is preserved.

Robust access control framework for mobile cloud computing network

We propose robust access control framework for a network which has allowed smart devices to be connected to the internal network in order to enable seamless data sharing.Smart devices sensor data such as location, app usage pattern, unlock failures are being considered for access control and data confidentialityThese sensor data and conventional static credentials are combined to develop a secure framework which verifies the users access privileges in run-timeThe algorithm supports both the access control and data confidentiality simultaneously.Algorithms are validated via simulation and the results show that the performance is comparable with existing schemes.Existing schemes are thoroughly surveyed and different between proposed and existing schemes are clearly highlighted. Unified communications has enabled seamless data sharing between multiple devices running on various platforms. Traditionally, organizations use local servers to store data and employees access the data using desktops with predefined security policies. In the era of unified communications, employees exploit the advantages of smart devices and 4G wireless technology to access the data from anywhere and anytime. Security protocols such as access control designed for traditional setup are not sufficient when integrating mobile devices with organizations internal network. Within this context, we exploit the features of smart devices to enhance the security of the traditional access control technique. Dynamic attributes in smart devices such as unlock failures, application usage, location and proximity of devices can be used to determine the risk level of an end-user. In this paper, we seamlessly incorporate the dynamic attributes to the conventional access control scheme. Inclusion of dynamic attributes provides an additional layer of security to the conventional access control. We demonstrate that the efficiency of the proposed algorithm is comparable to the efficiency of the conventional schemes.

PIndroid: A novel Android malware detection system using ensemble learning methods

The extensive use of smartphones has been a major driving force behind a drastic increase of malware attacks. Covert techniques used by the malware make them hard to detect with signature based methods. In this paper, we present PIndroid – a novel Permissions and Intents based framework for identifying Android malware apps. To the best of our knowledge, PIndroid is the first solution that uses a combination of permissions and intents supplemented with Ensemble methods for accurate malware detection. The proposed approach, when applied to 1,745 real world applications, provides 99.8% accuracy (which is best reported to date). Empirical results suggest that the proposed framework is effective in detection of malware apps.

User Collusion Avoidance Scheme for Privacy-Preserving Decentralized Key-Policy Attribute-Based Encryption

Decentralized attribute-based encryption (ABE) is a variant of a multiauthority ABE scheme where each authority can issue secret keys to the user independently without any cooperation and a central authority. This is in contrast to the previous constructions, where multiple authorities must be online and setup the system interactively, which is impractical. Hence, it is clear that a decentralized ABE scheme eliminates the heavy communication cost and the need for collaborative computation in the setup stage. Furthermore, every authority can join or leave the system freely without the necessity of reinitializing the system. In contemporary multiauthority ABE schemes, a users secret keys from different authorities must be tied to his global identifier (GID) to resist the collusion attack. However, this will compromise the users privacy. Multiple authorities can collaborate to trace the user by his GID, collect his attributes, then impersonate him. Therefore, constructing a decentralized ABE scheme with privacy-preserving remains a challenging research problem. In this paper, we propose a privacy-preserving decentralized key-policy ABE scheme where each authority can issue secret keys to a user independently without knowing anything about his GID. Therefore, even if multiple authorities are corrupted, they cannot collect the users attributes by tracing his GID. Notably, our scheme only requires standard complexity assumptions (e.g., decisional bilinear Diffie-Hellman) and does not require any cooperation between the multiple authorities, in contrast to the previous comparable scheme that requires nonstandard complexity assumptions (e.g., q-decisional Diffie-Hellman inversion) and interactions among multiple authorities. To the best of our knowledge, it is the first decentralized ABE scheme with privacy-preserving based on standard complexity assumptions.

LSD-ABAC: Lightweight static and dynamic attributes based access control scheme for secure data access in mobile environment

Technology advancements in smart mobile devices empower mobile users by enhancing mobility, customizability and adaptability of computing environments. Mobile devices are now intelligent enough to capture dynamic attributes such as unlock failures, application usage, location and proximity of devices in and around its surrounding environment. Different users will have different set of values for these dynamic attributes. In traditional attribute based access control, users are authenticated to access restricted data using long term static attributes such as password, roles, and physical location. In this paper, in order to allow secure data access in mobile environment, we securely combine both the dynamic and static attributes and develop novel access control technique. Security and performance analyse show that the proposed scheme substantially reduces the computational complexity while enhances the security compare to the conventional schemes.

DIVA - Digital Identity in VANETs: A multi-authority framework for VANETs

Vehicular ad hoc networks (VANETs) are the future of vehicular technology and Traffic Information Systems. The most important issue being looked into VANETs nowadays is that of security and privacy of vehicles and users. The current and past research has focused on using or securing the identity of vehicles in the network. However, in reality the vehicles identity is not particularly useful for the authorities. Therefore, we present a novel idea for Digital Identity in VANETs that makes it more reliable and useful for both the authorities and the driver while providing the required level of security and privacy. Our scheme offers incentives for users and authorities to become part of VANETs thus helping in the deployment of the infrastructure.

Optimal resource allocation techniques for MIMO-OFDMA based cognitive radio networks using integer linear programming

We propose an adaptive resource allocation algorithm for a multiple-input multiple-output (MIMO) orthogonal frequency division multiple access (OFDMA) based downlink cognitive radio network (CRN). The CRN has multiple secondary users (SUs) coexisting with multiple primary users (PUs). The aim is to maximize the total data throughput of SUs while ensuring interference leakage to PUs is below a threshold and quality of services (QoS) for SUs such as data rates and bit error rate (BER) are met. The algorithm optimally allocates radio resources such as subcarrier, spatial beams, powers and bits to each user using an integer linear programming (ILP) framework. The performance of the algorithm has been evaluated using simulation results.

An Analysis of Tracking Settings in Blackberry 10 and Windows Phone 8 Smartphones

The use of tracking settings in smartphones facilitates the provision of tailored services to users by allowing service providers access to unique identifiers stored on the smartphones. In this paper, we investigate the ‘tracking off’ settings on the Blackberry 10 and Windows Phone 8 platforms. To determine if they work as claimed, we set up a test bed suitable for both operating systems to capture traffic between the smartphone and external servers. We dynamically execute a set of similar Blackberry 10 and Windows Phone 8 applications, downloaded from their respective official markets. Our results indicate that even if users turn off tracking settings in their smartphones, some applications leak unique identifiers without their knowledge.