Cyber Security Research Group

Publications

Journals

2017

Kassaye Yitbarek Yigzaw, Antonis Michalas and Johan Gustav Bellika.
“Secure and scalable deduplication of horizontally partitioned health data for privacy-preserving distributed statistical computation”.
Journal of Medical Informatics and Decision Making (BMC), 2017.

Background Techniques have been developed to compute statistics on distributed datasets without revealing private information except the statistical results. However, duplicate records in a distributed dataset may lead to incorrect statistical results. Therefore, to increase the accuracy of the statistical analysis of a distributed dataset, secure deduplication is an important preprocessing step. Methods We designed a secure protocol for the deduplication of horizontally partitioned datasets with deterministic record linkage algorithms. We provided a formal security analysis of the protocol in the presence of semi-honest adversaries. The protocol was implemented and deployed across three microbiology laboratories located in Norway, and we ran experiments on the datasets in which the number of records for each laboratory varied. Experiments were also performed on simulated microbiology datasets and data custodians connected through a local area network. Results The security analysis demonstrated that the protocol protects the privacy of individuals and data custodians under a semi-honest adversarial model. More precisely, the protocol remains secure with the collusion of up to N − 2 corrupt data custodians. The total runtime for the protocol scales linearly with the addition of data custodians and records. One million simulated records distributed across 20 data custodians were deduplicated within 45 s. The experimental results showed that the protocol is more efficient and scalable than previous protocols for the same problem. Conclusions The proposed deduplication protocol is efficient and scalable for practical uses while protecting the privacy of patients and data custodians.

@Article{Michalas:17:Deduplication,

author = "Yigzaw, Kassaye Yitbarek and Michalas, Antonis and Bellika, Johan Gustav",
title = "Secure and scalable deduplication of horizontally partitioned health data for privacy-preserving distributed statistical computation",
journal = "BMC Medical Informatics and Decision Making",
volume = "17",
number = "1",
pages = "1",
year  = "2017",
abstract  = "Techniques have been developed to compute statistics on distributed datasets without revealing private information except the statistical results. However, duplicate records in a distributed dataset may lead to incorrect statistical results. Therefore, to increase the accuracy of the statistical analysis of a distributed dataset, secure deduplication is an important preprocessing step.",
issn = "1472-6947",
doi = "10.1186/s12911-016-0389-x",
url = "http://dx.doi.org/10.1186/s12911-016-0389-x"
}

 

2016

Nicolae Paladi, Christian Gehrmann and Antonis Michalas . “Providing End-User Security Guarantees in Public Infrastructure Clouds ”. IEEE Transactions on Cloud Computing, a special issue on “Cloud Security Engineering”, IEEE, 2016.

The infrastructure cloud (IaaS) service model offers improved resource flexibility and availability, where tenants – insulated from the minutiae of hardware maintenance – rent computing resources to deploy and operate complex systems. Large-scale services running on IaaS platforms demonstrate the viability of this model; nevertheless, many organizations operating on sensitive data avoid migrating operations to IaaS platforms due to security concerns. In this paper, we describe a framework for data and operation security in IaaS, consisting of protocols for a trusted launch of virtual machines and domain-based storage protection. We continue with an extensive theoretical analysis with proofs about protocol resistance against attacks in the defined threat model. The protocols allow trust to be established by remotely attesting host platform configuration prior to launching guest virtual machines and ensure confidentiality of data in remote storage, with encryption keys maintained outside of the IaaS domain. Presented experimental results demonstrate the validity and efficiency of the proposed protocols. The framework prototype was implemented on a test bed operating a public electronic health record system, showing that the proposed protocols can be integrated into existing cloud environments.

@ARTICLE{Michalas:16:Trusted:Launch,

author = {N. Paladi and C. Gehrmann and A. Michalas}, 
journal = {IEEE Transactions on Cloud Computing}, 
title          = {Providing User Security Guarantees in Public Infrastructure Clouds}, 
year    = {2016}, 
volume   = {PP}, 
number = {99},
pages    = {1-1},

keywords

= {Cloud computing;Computational modeling;Encryption;Protocols;Virtual machining;Cloud Computing;Security;Storage Protection;Trusted Computing},
doi = {10.1109/TCC.2016.2525991},
ISSN = {2168-7161}, 

month

= {},
}

Kassaye Yitbarek Yigzaw, Antonis Michalas and Johan Gustav Bellika. “Secure and scalable statistical computation of questionnaire data in R”. IEEE Access Journal, a special issue of Big Data Analytics for Smart and Connected Health, IEEE, 2016.

Collecting data via a questionnaire and analyzing them while preserving respondents' privacy may increase the number of respondents and the truthfulness of their responses. It may also reduce the systematic differences between respondents and non-respondents. In this paper, we propose a privacy-preserving method for collecting and analyzing survey responses using secure multi-party computation. The method is secure under the semi-honest adversarial model. The proposed method computes a wide variety of statistics. Total and stratified statistical counts are computed using the secure protocols developed in this paper. Then, additional statistics, such as a contingency table, a chi-square test, an odds ratio, and logistic regression, are computed within the R statistical environment using the statistical counts as building blocks. The method was evaluated on a questionnaire data set of 3158 respondents sampled for a medical study and simulated questionnaire data sets of up to 50 000 respondents. The computation time for the statistical analyses linearly scales as the number of respondents increases. The results show that the method is efficient and scalable for practical use. It can also be used for other applications in which categorical data are collected.

@ARTICLE{Michalas:16:Questionnaire,  
author = {K. Yigzaw and A. Michalas and J. Bellika}, 
journal = {IEEE Access},
title = {Secure and Scalable Statistical Computation of Questionnaire Data in R}, 
year = {2016}, 
volume = {PP},
number = {99},
pages = {1-1},
keywords = {Computational modeling;Data privacy;Logistics;Statistical analysis;Systematics;Bloom Filter;Privacy;Questionnaire;Secret Sharing;Secure Multi-Party Computation;Statistical Analysis},
doi = {10.1109/ACCESS.2016.2599851},
ISSN = {2169-3536},
month = {},
}

 

2014

Tassos Dimitriou and Antonis Michalas . “Multi-Party Trust Computation in Decentralised Environments in the Presence of Malicious Adversaries”. Ad Hoc Networks Journal, a special issue on “Smart Solutions for Mobility Supported Distributed and Embedded Systems”, Elsevier, 2014.

In this paper, we describe a decentralized privacy-preserving protocol for securely casting trust ratings in distributed reputation systems. Our protocol allows n participants to cast their votes in a way that preserves the privacy of individual values against both internal and external attacks. The protocol is coupled with an extensive theoretical analysis in which we formally prove that our protocol is resistant to collusion against as many as n − 1 corrupted nodes in both the semi-honest and malicious adversarial models.

The behavior of our protocol is tested in a real P2P network by measuring its communication delay and processing overhead. The experimental results uncover the advantages of our protocol over previous works in the area; without sacrificing security, our decentralized protocol is shown to be almost one order of magnitude faster than the previous best protocol for providing anonymous feedback.

@article{Michalas:14:StRM,  
author = {Dimitriou, Tassos and Michalas, Antonis},
title = {Multi-party Trust Computation in Decentralized Environments in the Presence of Malicious Adversaries},
journal = {Ad Hoc Networks},
issue_date = {April, 2014},
volume = {15},
month = apr,
year = {2014},
ISSN = {1570-8705},
pages = {53--66},
numpages = {14},
url = {http://dx.doi.org/10.1016/j.adhoc.2013.04.013},
doi = {10.1016/j.adhoc.2013.04.013},
acmid = {2583229},
publisher = {Elsevier Science Publishers B. V.},
address = {Amsterdam, The Netherlands, The Netherlands},
keywords
 
= {Anonymous feedback, Decentralized reputation systems, Security, Voter privacy},
}

 

2012

Antonis Michalas, Tassos Dimitriou, Thanassis Gianetsos, Nikos Komninos and Neeli R. Prasad. “Vulnerabilities of Decentralized Additive Reputation Systems Regarding the Privacy of Individual Votes”. Springer Wireless Personal Communication, Springer, 2012.

In this paper, we focus on attacks and defense mechanisms in additive reputation systems. We start by surveying the most important protocols that aim to provide privacy between individual voters. Then, we categorize attacks against additive reputation systems considering both malicious querying nodes and malicious reporting nodes that collaborate in order to undermine the vote privacy of the remaining users. To the best of our knowledge this is the first work that provides a description of such malicious behavior under both semi-honest and malicious model. In light of this analysis we demonstrate the inefficiencies of existing protocols.

@article{Michalas:12:Vulnerabilities:Reputation,

year = {2012},
ISSN = {0929-6212},
journal = {Wireless Personal Communications},
volume = {66},
number = {3},
title = {Vulnerabilities of Decentralized Additive Reputation Systems Regarding the Privacy of Individual Votes},
publisher = {Springer US},
keywords = {Decentralized reputation systems; Security; Voter privacy},
author = {Michalas, Antonis and Dimitriou, Tassos and Giannetsos, Thanassis and Komninos, Nikos and Prasad, NeeliR.},
pages = {559-575},
language = {English}

 

2011

Antonis Michalas, Nikos Komninos and Neeli R. Prasad. “Mitigate DoS and DDoS attack in Ad Hoc Networks”. International Journal of Digital Crime and Forensics, IGI Global, 2011.

This paper proposes a technique to defeat Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks in Ad Hoc Networks. The technique is divided into two main parts and with game theory and cryptographic puzzles. Introduced first is a new client puzzle to prevent DoS attacks in such networks. The second part presents a multiplayer game that takes place between the nodes of an ad hoc network and based on fundamental principles of game theory. By combining computational problems with puzzles, improvement occurs in the efficiency and latency of the communicating nodes and resistance in DoS and DDoS attacks. Experimental results show the effectiveness of the approach for devices with limited resources and for environments like ad hoc networks where nodes must exchange information quickly.

2011 - IJDCF - Mitigate Dos and DDoS attack in Ad Hoc Networks.pdf

@article{Michalas:11:Mitigate:DDoS,

title  = {Mitigate DoS and DDoS attack in mobile ad hoc networks},
author = {Michalas, Antonis and Komninos, Nikos and Prasad, Neeli R},
journal = {International Journal of Digital Crime and Forensics (IJDCF)},
volume = {3},
number = {1},
pages = {14--36},
year  = {2011},
publisher  = {IGI Global}

 

People

Find out who is involved with the Cyber Security Research Group.

Student projects

Find out about the our student projects.

Contact

Get in touch to get more information about Cyber Security Research Group.