Zongmin Cui

Reversible data hiding with contrast enhancement and tamper localization for medical images

Digital transmission of medical images often involves hiding crucial information in some parts of the images which should be later extracted to authenticate ownership and identity. In this paper, a new reversible data hiding (RDH) algorithm for medical images is proposed. The primary objective of the algorithm is to achieve contrast enhancement of the region of interest (ROI) without introducing distortion, and achieve tamper localization against attacks on the ROI. First, the background and ROI of the medical image are segmented using Otsus automatic optimal thresholding method. To reduce the visual distortion, an improved scheme for preprocessing is applied to reduce the number of disordered pixels. By expanding the peak-pairs of the ROI histogram, data embedding along with distortion-less contrast enhancement of the ROI is achieved. The feature-bit matrix generated from the ROI is embedded into the least significant bits (LSBs) of the background pixels. At the receiving end, the tampered contents from the ROI of the detected image can be located using a difference matrix between the feature-bit matrix generated from the ROI and that extracted from the background. In the absence of tampering, the original ROI can be completely restored after the embedded data is extracted. Experimental results demonstrate that in comparison with some state-of-the-art RDH algorithms, the proposed algorithm achieves better performance in terms of contrast enhancement of ROI, preserving visual quality of the background and tamper localization.

Certificateless Signcryption in the Standard Model

Signcryption can realize encryption and signature simultaneously with lower computational costs and communicational overheads than those of the traditional sign-then-encrypt approach. Certificateless cryptosystem solves the key escrow problem in the identity-based cryptosystem and simplifies the public key management in the traditional public key cryptosystem. There have been some certificateless signcryption schemes proposed in the standard model up to now, but all of them are just proposed in a weaker Type I security model, which is weaker than the original security model of Barbosa and Farshim, who proposed the first certificateless signcryption scheme. In this paper, we propose a certificateless signcryption scheme in the standard model by using bilinear pairings, which is Type I secure in the original security model of Barbosa and Farshim and can resist the malicious-but-passive key generation center Type II attack. The proposed scheme is proved confidential assuming the modified decisional bilinear Diffie–Hellman (M-DBDH) problem is hard, and unforgeable assuming the square computational Diffie–Hellman (Squ-CDH) problem is hard. At last, we evaluate its efficiency which shows it is of high efficiency.

Efficient Key Management for IOT Owner in the Cloud

IOT (internet of things) owner may not want their sensitive data to be public in the cloud. However, the client operated by IOT owner may be too lightweight to provide the encryption/decryption service. To remove the issue, we propose a novel solution to minimize the access control cost for IOT owner. First, we present a security model for IOT with minimal cost of IOT owner client without encryption, in which we transfer the encryption/decryption from the client to the cloud. Second, we propose an access control model to minimize the key management cost for IOT owner. Third, we provide an authorization update method to minimize the cost dynamically. In our method, the sensitive data from IOT owner is only available to the authorized user. Each IOT owner needs only to manage a single password, by which the IOT owner can always manage his/her sensitive data and authorization no matter the authorization policy how to change. Experimental results show that our approach significantly outperforms most of existing methods with efficient key management for IOT owner.

An efficient subscription index for publication matching in the cloud

Publish/subscribe has been successfully used in a variety of information dissemination applications. However, in a cloud computing environment, the enormous amount of information results in a very high requirement for the computing performance of a publish/subscribe method. In this paper, we propose an efficient index called Enindex for publish/subscribe matching. First, we group all the subscriptions submitted by subscribers, based on the key attributes (i.e., the most frequent attributes occurring in the subscriptions). Second, we group all the predicates contained in the subscriptions, according to three basic operators: ź (greater),=(equal), and ź (less), so as to remove the repeated predicates, and thus reduce the memory overhead. Finally, we propose an effective index structure to combine the grouped subscriptions together with the grouped predicates. Enindex not only has a small memory overhead, but also can support efficient publish/subscribe matching and online subscription updating. We conduct extensive experiments on synthetic datasets, and the experimental results demonstrate the superiority of the Enindex over state-of-the-art methods in terms of memory overhead and computing efficiency.

Certificate-Based Generalized Ring Signcryption Scheme

Generalized ring signcryption (GRSC) can realize ring signature and ring signcryption functions with only one key pair and one algorithm. It is very useful for a system with a large number of users, or whose function may be changed, or with limited storage space. We give a formal definition and security model of GRSC in the certificate-based cryptosystem setting and propose a concrete scheme by using bilinear pairings. The confidentiality of our scheme can be proved under the GBDH and CDH assumptions and the unforgeability of our scheme can be proved under GDH′ and CDH assumptions in the random oracle model, and what is more, our scheme has unconditional anonymity. Compared with other certificateless ring signcryption schemes that use bilinear pairings, it is a highly efficient one.

Executing multi-dimensional range query efficiently and flexibly over outsourced ciphertexts in the cloud

Abstract Encryption is one of the most straightforward methods for ensuring the confidentiality of outsourced data on the cloud. However, encryption makes queries more difficult to perform. In recent years, new encryption schemes for facilitating queries have been proposed. However, for these schemes, some cannot support the scenario of multiple users, some are inefficient, and some are not sufficiently flexible (users must always ask the data owner for the tokens that are used for searching ciphertexts on the cloud). In this paper, we propose a scheme that supports efficient and flexible range search over ciphertexts in the scenario of multiple users. In our scheme, we construct an Encrypted Interval Tree (EIT) as the index for ciphertexts. The data owner outsources the EIT and ciphertexts to the cloud, and later distributes secret parameters (search keys, navigation paths and signatures) to users. By utilizing these secret parameters, users can generate tokens for the queried ranges without communication with the data owner and subsequently use the tokens to perform range search over ciphertexts on the cloud. Moreover, the signature technique is adopted in our scheme. Thus, the cloud can authenticate the identifiers of users and determine the legality of tokens. In this paper, we implement our scheme and conduct extensive experiments. The experimental results demonstrate the efficiency of our scheme. Finally, we analyze the security of our scheme.

Convenient Top-k Location-Text Publish/Subscribe Scheme

With the popularity of social media and GPS equipment, a large number of the location-text data have been produced in the form of stream. The popularity leads to a variety of applications, such as based-location advice and location information transmission. Existing top-k location-text publish/subscribe schemes need subscriber to set a threshold, k value (the number of returned top results) and preference parameter \( \delta \) (the decision of which one is more important about location or text). The threshold brings lots of disadvantages to subscribers and publishers. Therefore in this paper, we propose an efficient top-k location-text publish/subscribe scheme without threshold which is named as TGT. Our scheme only needs subscriber to input k value and preference parameter \( \delta \). Then TGT returns top-k results to the subscriber based on k and \( \delta \) without any threshold. Therefore, our scheme can reduce redundant computation, improve the recall ratio and facilitate the subscriber. Extensive experiments prove the efficiency and effectiveness of the proposed scheme.

Real-Time Tracking with Multi-center Kernel Correlation Filter

Recently, visual object tracking based on kernel correlation filtering has achieved great success. Application of robust feature, such as the Histogram of Oriented Gradients, is an important reason for the success of the kernel correlation filtering. However, the extraction of the HOG feature may bias the estimation of the target. To overcoming such kind of deviation, this paper proposes a real-time tracker with a multi-center strategy based on the kernel correlation filtering. Finally, abundant experimental results show that the multi-center kernel correlation filtering tracker of this paper has been made great progress relative the kernel correlation filtering tracker.

Assumption Queries Processing of Probabilistic Relational Databases

Many prevail applications, such as data cleaning, sensor networks, tracking moving objects, emerge an increasing demand for managing uncertain data. Probabilistic relational databases support uncertain data management. Informally, a probabilistic database is a probability distribution over a set of deterministic databases (namely, possible worlds). Assumption queries in probabilistic relational databases have natural and important applications. To avoid unnecessary updates of probabilistic relational databases in existing general methods of assumption queries processing, an optimization method by computing conditional probability is proposed to handle assumption queries. The effectiveness of the optimization strategies for assumption queries is demonstrated in the experiment.

Reversible Authentication of Wireless Sensor Network Based on Prediction-Error Histogram and CRC

In this paper, a reversible authentication scheme for wireless sensor network (WSN) is proposed. Firstly, the WSN data stream is divided into some authentication groups, and each authentication group is composed of a generator group and a carrier group. Then the cyclical redundancy check (CRC) code of generator group is produced as the authentication information. In the carrier group, using the prediction-error-based histogram shifting algorithm, the authentication information is reversibly embedded into the fluctuation region of prediction-error histogram (PEH), not the smooth region. Experimental results and analysis demonstrate that compared with previous schemes, the proposed scheme achieves better performances on computation complex, false tampering alarm and attraction to attackers.