Sharif Digital Repository

Widespread growth in Android malware stimulates security researchers to propose different methods for analyzing and detecting malicious behaviors in applications. Nevertheless, current solutions are ill-suited to extract the fine-grained behavior of Android applications accurately and efficiently. In this paper, we propose ServiceMonitor, a lightweight host-based detection system that dynamically detects malicious applications directly on mobile devices. ServiceMonitor reconstructs the fine-grained behavior of applications based on their interaction with system services (i.e. SMS manager, camera, wifi networking, etc). ServiceMonitor monitors the way applications request system services in... 

In this paper, we consider to seek vulnerabilities and we conduct possible attacks on the crucial and essential parts of Android OSs architecture including the framework and the Android kernel layers. As a regard, we explain the Binder component of Android OS from security point of view. Then, we demonstrate how to penetrate into the Binder and control data exchange mechanism in Android OS by proposing a kernel level attack model based on the hooking method. As a result, by implementing the attack model, it is illustrated that the Android processes are detectable and the data can be extracted from any process and system calls. © 2016 IEEE  

Dynamic nature of mobile ad hoc networks combined with their lack of centralized infrastructure make security problem the most challenging issue in such networks. The main contribution of this paper is to propose a secure and efficient key management algorithm, able to satisfying the requirement of such networks and facing their specific characteristics. The proposed algorithm is a fully distributed ID-based system which is built based on elliptic curve cryptography. The main advantage of the proposed algorithm, that gives it the superiority in its field of research, is the improvement of the performance and the security strength together. The proposed algorithm is implemented with much... 

Proxy signatures allow an entity to delegate its signing capability to a proxy which can sign messages on behalf of the delegator. We examine identity-based versions of proxy signatures which employ identity strings in place of randomly generated public keys. First, we give a new generic construction of identity-based proxy signatures from identity-based standard signatures and show that our generic construction is secure if the underlying identity-based standard signature is secure. In addition, we present the first identity-based proxy signature from Rivest, Shamir and Adleman (RSA), secure under the one-wayness of RSA in the random oracle model. We should highlight that the proxy key... 

Polar codes are a new class of error correcting linear block codes, whose generator matrix is specified by the knowledge of transmission channel parameters, code length and code dimension. Moreover, regarding computational security, it is assumed that an attacker with a restricted processing power has unlimited access to the transmission media. Therefore, the attacker can construct the generator matrix of polar codes, especially in the case of binary erasure channels, on which this matrix can be easily constructed. In this paper, we introduce a novel method to keep the generator matrix of polar codes in secret in a way that the attacker cannot access the required information to decode the... 

The hard corona, the protein shell that is strongly attached to the surface of nano-objects in biological fluids, is recognized as the first layer that interacts with biological objects (e.g., cells and tissues). The decoration of the hard corona (i.e., the type, amount, and conformation of the attached proteins) can define the biological fate of the nanomaterial. Recent developments have revealed that corona decoration strongly depends on the type of disease in human patients from which the plasma is obtained as a protein source for corona formation (referred to as the 'personalized protein corona'). In this study, we demonstrate that graphene oxide (GO) sheets can trigger different... 

A major challenge organizations face when hosting or moving their data to the Cloud is how to support complex queries over outsourced data while preserving their confidentiality. In principle, encryption-based systems can support querying encrypted data, but their high complexity has severely limited their practical use. In this paper, we propose an efficient yet secure secret sharing-based approach for outsourcing relational data to honest-but-curious data servers. The problem with using secret sharing in a data outsourcing scenario is how to efficiently search within randomly generated shares. We present multiple partitioning methods that enable clients to efficiently search among shared... 

The authors address the use of sparse representation to securely hide a message within non-overlapping blocks of a given colour image in the wavelet domain. All four sub-images of the two-dimensional wavelet transform of two colour bands are used for data embedding without affecting the image perceptibility. Bit error rate of hidden data extraction is reduced to zero by introducing a novel refinement procedure in the proposed algorithm. The refinement procedure introduced solves the hidden bit extraction errors caused by the rounding process, the overflows and the nature of approximation in sparse decomposition. Capacity of the proposed method is calculated using necessary conditions for... 

In order to provide anonymity, universal cryptosystems have been used in various applications, including mixnets with multiple receivers. Unlike ordinary re-encryption cryptosystems, universal cryptosystems for re-encryption of ciphertexts do not require knowledge of the public key of the receiver. Golle et al. introduced universal cryptosystems for public key cryptography. Contrary to public key cryptography, in ID-based cryptography, a public key infrastructure is not needed, which makes it suitable for situations where it is not cost-effective to distribute certificates or establish a public key infrastructure. In this paper, we first generalize the definition of universal cryptosystems... 

Mobile Ad-hoc Networks (MANETs) are forming dynamically by joining or leaving the nodes into/from the network without any fix infrastructure. It is also possible that each mobile node act as a host or router. This kind of wireless network is prone to various security threats or attacks due to its unique characteristics like dynamic topology, open medium, lack of central monitoring, etc. So security is a vital scope in MANET to protect communication between mobile nodes. Ad-hoc On-demand Distance Vector (AODV) is one of the on-demand reactive routing protocols in MANET that initially was improved without considering security protection. Significant attempts have been done to secure AODV... 

Proxy ring (anonymous proxy) signatures allow an entity to delegate its signing capability to a group of entities (proxy group) such that only one of the members in the proxy group can generate a proxy signature on behalf of the delegator, while privacy of the proxy signer is protected. Identity-based versions of proxy ring signatures employ identity strings in place of randomly generated public keys. Our contribution is twofold. First, we formalize a security model for identity-based proxy ring signatures. We note that there exists no formal security model for identity-based proxy ring signatures prior to our work. Second, we present the first provably secure identity-based proxy ring... 

The increased penetration of cellular networks has made voice channels widely available ubiquitously. On the other hand, mobile voice channels possess properties that make them an ideal choice for high priority, low-rate real-time communications. Mobile voice channel with the mentioned properties, could be utilised in emergency applications in vehicular communications area such as the standardised emergency call system planned to be launched in 2015. This study aims to investigate the challenges of data transmission through these channels and proposes an efficient data transfer structure. To this end, a proper statistical model for the channel distortion is proposed and an optimum detector... 

Public key management scheme in mobile ad hoc networks (MANETs) is an inevitable solution to achieve different security services such as integrity, confidentiality, authentication and non reputation. Probabilistic asymmetric key pre-distribution (PAKP) is a self-organized and fully distributed approach. It resolves most of MANET's challenging concerns such as storage constraint, limited physical security and dynamic topology. In such a model, secure path between two nodes is composed of one or more random successive direct secure links where intermediate nodes can read, drop or modify packets. This way, intelligent selection of intermediate nodes on a secure path is vital to ensure security... 

Today, from information security perspective, prevention methods are not enough solely. Early Warning Systems (EWSs) are in the category of reactive methods. These systems are complementing Intrusion Detection Systems (IDSs) where their main goals include early detection of potential malicious behavior in large scale environments such as national level. An important process in EWSs is the analysis and correlation of alerts aggregated from the installed sensors (e.g., IDSs, IP telescopes, and botnet detection systems). In this paper, an efficient framework for alert correlation in EWSs is proposed. The framework includes a correlation scheme based on a combination of statistical and stream... 

The 3rd Generation Partnership Project (3GPP) defined a new architecture, called Home eNode B (HeNB). HeNB is able to provide new services with higher data rate in a low cost. Security is a critical aspect of HeNB. In order to have HeNB secure access to core network, 3GPP defines an authentication protocol based on IKEv2. A number of security vulnerabilities such as HeNB masquerading have not been addressed and solved by 3GPP technical specification yet. In this paper an improved HeNB authentication protocol is introduced which does not allow an attacker to connect unauthorized network users using a mask. Finally, we evaluate our protocol performance and verify it by Automated Validation of... 

The developing of RFID systems in sensitive applications like e-passport, e-health, credit cards, and personal devices, makes it necessary to consider the related issues such as maximum reading distance, communication speed and data security. The use of signal processing methods is an efficient and convenient way to achieve the maximum reading distance and communication rate. However, the signal processing techniques are not adequate to provide a reasonable level of security and privacy for RFID systems. Thus, it is necessary to employ specific authentication protocols which assure data security and preserve the user’s privacy. Among other security and privacy characteristic of an RFID... 

MANET, which stands for Mobile Ad-hoc Network, is composed of a group of self-organized and wireless nodes that do not possess any predictable and fixed infrastructure. When nodes want to communicate with each other, they have to pass on their messages directly or indirectly. In case the destination node is out of the transmission range, the source node has to rely on intermediate nodes, which, in this case, is called indirect transmission. On the other hand, if the destination node is the neighboring node, there is no need to employ intermediate nodes, which, in this case, is called direct transmission. Over the past years, security issues in MANETs have received a great deal of attention... 

A Wireless sensor network (WSN) is composed of numerous sensor nodes with both insecurely limited hardware and restricted communication capabilities. Thus WSNs suffer from some inherent weaknesses. Key management is an interesting subject in WSNs because it is the fundamental element for all security operations. A few key management models for heterogeneous sensor networks have been proposed in recent years. In this paper, we propose a new key management scheme based on elliptic curve cryptography and signcryption method for hierarchical heterogeneous WSNs. Our scheme as a secure infrastructure has superior sensor node mobility and network scalability. Furthermore, we propose both a periodic... 

Yeh et al. have recently proposed a mutual authentication protocol based on EPC Class-1 Gen.-2 standard. They claim their protocol is secure against adversarial attacks and also provides forward secrecy. In this paper we show that the proposed protocol does not have cited security features properly. A powerful and practical attack is presented on this protocol whereby the whole security of the protocol is broken. Furthermore, Yeh et al.'s protocol does not assure the untraceabilitiy and backwarduntraceabilitiy attributes. We also will propose our revision to safeguard the Yeh et al.'s protocol against cited attacks  

Nowadays m-banking (mobile banking) is widely used in many banks. It has embarked upon supply of various services based on different systems and with the aid of various services such as the Short Message Service (SMS). However in developing countries such as Iran, m-banking is facing some challenges. One of these challenges is the issue of language of this system, because the main language of this system, in both side of bank system and customer mobile phone, is English. Also one of the main issues in m-banking services is the security of the systems. For solvin g the above problems, we proposed a method in this paper. By this method we send secure banking messages as well as Persian SMS for...