Sharif Digital Repository

Nanotechnology is an emerging field in technology that exploits the chemical and physical properties created by careful manipulation of materials at atomic and molecular levels. These properties lead to abilities created by this technology, which many scientists regard as the next industrial revolution. Although Nanotechnology promises bright future, today, researchers having learned from the history of technology are trying to predict its unwanted aspects and negative effects to decrease its potential issues. Researchers of Nano-ethics are trying to enable us to encounter Nanotechnology’s achievements in a reasonable way, by studying its ethical and social obligations. Since in our country,... 

In recent two decades, different anonymous communication systems has been proposed. These systems are interested by journalists, bank employees, military forces, and human rights advocates. Tor is one of the most popular anonymous communication systems. Tor uses onion routing for privacy preserving. Re-cently, many attacks has been introduced against the anonymity of Tor users.In these attacks entry and exit nodes are compromised. One of these malicious nodes, makes the attack on the intented flow and the other one recognizes the flow. All these attacks admit their vulnerability against dummy messages. They state that, because of dynamics of onion’s keys, any dummy injection will dis-turb... 

Online social networks (OSNs) can be considered as huge success. However, this success costs users their privacy and loosing own rship of their own data; Sometimes the operators of social networking sites, have some business incentives adverse to users' expectations of privacy. These sort of privacy breaches have inspired research toward privacy-preserving alternatives for social networking in a decentralized fashion. Yet almost all alternatives lack proper feasibility and efciency, which is because of a huge mismatch between aforementioned goal and today's network's means of achieving it. Current Internet architecture is showing signs of age. Among a variety of proposed directions for a new... 

Mobile localization development, is the reason for appearance of location-based services (LBS). Be sure of not disclosing the user personal information is the main challenge in LBS. Many different concepts and approaches for the protection of location privacy have been described in the literature which change the query of user to server. These approaches falling roughly into two main categories: centralized and distributed (user-centric). Centralized category includes approaches like “changing query pattern” using encryption on user device, or using an “anonymizer trusted third party”. In such approaches threat of an untrustworthy LBS server is addressed by the introduction of a new... 

Different data sources are creating a huge amount of data at increasing speeds that require real-time processing. Such data is called “Big data stream". Although, mining and analysis this type of data is so useful for companies, but it also may cause many privacy breaches. The principle issues for big data stream’ anonymization are real time processing and information loss. There are some works that are proposed for data streams, but they have some drawbacks such as inefficient anonymization of big data stream and also not consider time expiration of tuples that lead to increase the information loss and cost of the data publishing. In this thesis, in order to speed up the ability of big data... 

Using “Searchable Encryption” enables us to encrypt the data, while preserving the possibility of running search queries. One of the most important applications of the mentioned is in Cloud Storage. As users do not trust the Cloud space, they are not inclined to store their data on the Could. The solution to this problem is of course, Cryptography. However, ordinary Cryptography methods, eliminate the data’s searchability. Hence, we need encryption schemes that code the data while retaining their searchability. So far, various schemes has been proposed that differ in their performance, security level, and usage. In this thesis, we aim to discuss and analyze these methods  

Nowadays, with the increasing growth of internet’s speed and accessibility, and the explosion of potentials and services that smartphone applications offer, smartphones have become an inseparable part of most people's lives. At the same time, free messenger applications attract lots of people since they reduce costs, increase speed, and make communication much easier, in a way that almost all smartphone users utilize at least one of these messaging services. Moreover, the emerging use of messaging services has triggered privacy concerns and personal data treatment for users. In recent years, lots of studies focused on identifying users’ activities on the encrypted traffic, mostly with the... 

Social networks and the shared data in these networks are always considered as good opportunities in hands of the attackers. To evaluate the privacy risks in these networks and challenge the anonymization techniques, several de-anonymization attacks have been introduced so far. In this thesis, we propose a technique to improve the success rate of passive seed based de-anonymization attacks. Our proposed technique is simple and can be applied in combination with different types of de-anonymization attacks. We show that it can achieve high success rates with low number of seeds compared to similar attacks. Our technique can also be used for applying partial attacks on graphs which results in... 

The development of distributed energy resources across the smart grid has led to a need for a secure and smart-grid-compatible auction scheme which can provide the grid users with the possibility of trading electricity. One of the most used types of auctions in the smart grid is the double auction, in which both buyers and sellers can respectively submit their bids and asks to participate in the auction. In recent years, many schemes have been designed to propose a double auction mechanism for the smart grids; however, few of these schemes consider the information security aspects and users’ privacy. In this thesis, we propose a protocol which helps different double auction mechanisms be... 

The internet of things is a network of interconnected things (people, electronic devices, mechanical machines, etc.) that are able to transfer data. The applications of internet of things in electronic health (eHealth) are becoming increasingly interested. Deployment of eHealth facilitates the access of users to healthcare services, and improves the quality of the services. Using cloud computing provides the accessibility of healthcare services, and enables a data owner to share his health data with doctors and healthcare service providers. Health data is considered sensitive. So, leakage of any information about it endangers data owner privacy. Attribute-based encryption is a cryptographic... 

In this thesis, we argue that in many basic algorithms for machine learning, including support vector machine (SVM) for classification, principal component analysis (PCA) for dimensionality reduction, and regression for dependency estimation, we need the inner products of the data samples, rather than the data samples themselves. Motivated by the above observation, we introduce the problem of private inner product retrieval for distributed machine learning, where we have a system including a database of some files, duplicated across some non-colluding servers. A user intends to retrieve a subset of specific size of the inner products of the data files with minimum communication load, without... 

The expansion of technology and the increasing use of mobile devices and smartphones have aected various aspects of personal and social life. These include the use of personal mobile devices in enterprise environments called BYODs have a number of positive and negative eects. On the one hand, it would be more cost-eective for an organization or business environment for users to use their own devices, but on the other hand, it poses numerous security and information challenges that are important to manage. These include disrupting the user’s privacy or disseminating organization information to personal devices and thus violating the organization’s security policies. In this study, a model is... 

Feature Extraction is an inseparable part of many machine learning algorithms. The extracted feature from the input data, while preserving the label information as much as possible, should make label inference more feasible than the input data itself. Additionally, in many machine learning, information theory, and privacy problems we have another constraint on eliminating sensitive, confounding, or unwanted information from the feature. That is why the problem of feature extraction with information regularization (preserving desired information and removing unwanted one) becomes an important issue that has been considered from different aspects, inter-connecting various fields.In this... 

A distributed ledger is a method of digital data storage and sharing in different places, and the blockchain technology is a way of implementing a distributed ledger. This technology has been employed in many of the cryptocurrencies like Ethereum to store transactions. In addition to storing transactions, Ethereum deploys scripts called smart contracts that are automatically executable. These scripts execute transparently and without preserving the privacy of participants. On the other hand, confidentiality and privacy are among the important components in data, network, and system security. Models such as Hawk and Enigma have been presented to obtain privacy-preserving in smart contracts;... 

With the advent of the Internet of Things (IoT), e-health has become one of the main topics of research. Due to the sensitivity of patient information, patient privacy seems challenging. Nowadays, patient data is usually stored in the cloud in healthcare programs, making it difficult for users to have enough control over their data. The recent increment in announced cases of security and surveillance breaches compromising patients' privacy call into question the conventional model, in which third-parties gather and control immense amounts of patients' Healthcare data. In this work, we try to resolve the issues mentioned above by using blockchain technology. We propose a blockchain-based... 

Lightweight clients are a type of blockchain users who do not store all the blocks in the blockchain due to limited resources. These users store only a small part of each block and when needed, request transactions from full nodes that store the entire blockchain. These users have no role in block validation and only want to receive transactions related to their addresses with proof of the inclusion in the block from full nodes.Since light clients rely on full nodes for receiving transactions, their privacy against full nodes is important. The current implementation of Bitcoin uses Bloom filters for privacy, but this offers very little privacy to the users.In this thesis, we study the... 

Opportunistic delay tolerance networks are widely used networks that do not require infrastructure. Many routing algorithms have been proposed for these networks in which nodes need to compare their metrics (such as visit frequency, node geographical location, etc.)Therefore, routing in these networks has a high security risk and the possibility of violating privacy. There are many ways to protect privacy, but these methods have limitations: some are limited to vehicles and some are limited to social networks and node communities. Also, more general methods require a lot of complexity, including processing time, storage resources, and key management.In this study, we propose a method with... 

With the increasing use of mobile smartphones, securing the information and protecting the mobile users’ privacy is one of the important subjects in this context. Android, as one of the most popular operating systems for smartphones, uses strategies to provide system security and user privacy; one of these strategies is permission system. Applications should get permissions from users to access their sensitive data. Most related researches and the android itself, focuses on granting or revoking permissions to the program in a way that it doesn’t misuse the user’s sensitive data, but most of the time, the purpose of accessing data is not obvious and the user doesn’t have enough knowledge... 

Managing health data and providing remote treatment services to patients has always faced security and privacy challenges. Because of the importance and sensitivity of this data, the use of centralized networks such as cloud space and trustin a cloud server can be dangerous, due to the lack of complete trust in the cloud server. To prevent the threats of centralized systems, we provide a decentralized blockchain-based system in which miners, in addition to authenticating physicians and patients, are also responsible for searching encrypted data and all user activities can be tracked in the distributed ledger. The proposed scheme preserves data privacy, and there is no need to trust a server.... 

Coming to the generation of technology, where everything is possible through the Internet contributes a significant proportion to privacy protection. Several Privacy protection technologies have been launched to maintain the confidentiality of user information. Tor, also known as an Onion Router, is indeed the largest global anonymized network technology, including over 7000 distinct domain controller endpoints located all over the globe. Various kinds of wrongdoings are increasing day by day such as terrorism, abuse of the child is increasing using the network. To stop this monitoring plan is needed to develop. To enable this all the hacking mechanisms along with the architecture were...