Selected Recent Publications

"G-SIR: An Insider Attack Resilient Geo-Social Access Control Framework"

Baracaldo, Nathalie, Balaji Palanisamy, and James Joshi. IEEE Transactions on Dependable and Secure Computing. 2017

Abstract. Insider attacks are among the most dangerous and costly attacks to organizations. These attacks are carried out by individuals who are legitimately authorized to access the system. Preventing insider attacks is a daunting task. The recent proliferation of social media and mobile devices offer new opportunities to collect geo-social information that can help in detecting and deterring insider attacks. In particular, such geo-social information allows us to better understand the context and behavior of users. In this paper, we propose a Geo-Social Insider Threat Resilient Access Control Framework (G-SIR) to deter insider threats by including current and historic geo-social information as part of the access control decision process. We include policy constraints to manage the risks of colluding communities, proximity threats, and suspicious users while leveraging the presence of users around the requester to make an access decision. By examining users’ geo-social behavior, we can detect those users whose access behavior deviates from the expected patterns; such suspicious behaviors can point to potential insider attackers who may deliberately or inadvertently carry out malicious activities. We use such information to establish how trustworthy a user is before granting access. We evaluate the G-SIR framework through extensive simulations and our results show that the proposed approach is efficient, scalable and effective.

"Emerge: Self-emerging Data Release using Cloud Data Storage"

Chao Li and Balaji Palanisamy. Proc. of 10th IEEE International Conference on Cloud Computing, Honolulu, USA. IEEE Cloud 2017

Abstract. In the age of Big Data, advances in distributed technologies and cloud storage services provide highly efficient and cost-effective solutions to large scale data storage and management. Supporting self-emerging data using clouds is a challenging problem. While straight-forward centralized approaches provide a basic solution to the problem, unfortunately they are limited to a single point of trust. Supporting attack-resilient timed release of encrypted data stored in clouds requires new mechanisms for self emergence of data encryption keys that enables encrypted data to become accessible at a future point in time. Prior to the release time, the encryption key remains undiscovered and unavailable in a secure distributed system, making the private data unavailable. In this paper, we propose Emerge, a self-emerging timed data release protocol for securely hiding data encryption keys of private encrypted data in a large-scale Distributed Hash Table (DHT) network that makes the data available and accessible only at the defined release time. We develop a suite of erasure-coding-based routing path construction schemes for securely storing and routing encryption keys in DHT networks that protect an adversary from inferring the encryption key prior to the release time (release-ahead attack) or from destroying the key altogether (drop attack). Through extensive experimental evaluation, we demonstrate that the proposed schemes are resilient to both release-ahead attack and drop attack as well as to attacks that arise due to traditional churn issues in DHT networks.

"Cost-aware resource management for federated clouds using resource sharing contracts"

Jinlai Xu and Balaji Palanisamy. Proc. of 10th IEEE International Conference on Cloud Computing, Honolulu, USA. IEEE Cloud 2017

Abstract. Cloud computing and its pay-as-you-go model continue to provide significant cost benefits and a seamless service delivery model for cloud consumers. The evolution of small-scale and large-scale geo-distributed datacenters operated and managed by individual cloud service providers raises new challenges in terms of effective global resource sharing and management of autonomously-controlled individual datacenter resources. Earlier solutions for geo-distributed clouds have focused primarily on achieving global efficiency in resource sharing that results in significant inefficiencies in local resource allocation for individual datacenters leading to unfairness in revenue and profit earned. In this paper, we propose a new contracts-based resource sharing model for federated geo-distributed clouds that allows cloud service providers to establish resource sharing contracts with individual datacenters apriori for defined time intervals during a 24 hour time period. Based on the established contracts, individual cloud service providers employ a cost-aware job scheduling and provisioning algorithm that enables tasks to complete and meet their response time requirements. The proposed techniques are evaluated through extensive experiments using realistic workloads and the results demonstrate the effectiveness, scalability and resource sharing efficiency of the proposed model.

"Timed-release of Self-emerging Data using Distributed Hash Tables"

Chao Li and Balaji Palanisamy. Proc. of 37th IEEE International Conference on Distributed Computing Systems, Atlanta, USA. ICDCS 2017

Abstract. Releasing private data to the future is a challenging problem. Making private data accessible at a future point in time requires mechanisms to keep data secure and undiscovered so that protected data is not available prior to the legitimate release time and the data appears automatically at the expected release time. In this paper, we develop new mechanisms to support self-emerging data storage that securely hide keys of encrypted data in a Distributed Hash Table (DHT) network that makes the encryption keys automatically appear at the predetermined release time so that the protected encrypted private data can be decrypted at the release time. We show that a straight-forward approach of privately storing keys in a DHT is prone to a number of attacks that could either make the hidden data appear before the prescribed release time (release-ahead attack) or destroy the hidden data altogether (drop attack). We develop a suite of self-emerging key routing mechanisms for securely storing and routing encryption keys in the DHT. We show that the proposed scheme is resilient to both release-ahead attack and drop attack as well as to attacks that arise due to traditional churn issues in DHT networks. Our experimental evaluation demonstrates the performance of the proposed schemes in terms of attack resilience and churn resilience.

"Insider Threat Mitigation in Attribute based Encryption"

Runhua Xu, James B.D. Joshi, Prashant Krishnamurthy and David Tipper. In 9th Annual National Cyber Security Summit (Research Track) NCS 2017

Abstract. Recent advances in computing have enabled cloud storage service, among others, that collect and provide efficient long term storage of huge amounts of data that may include users’ privacy sensitive information. Concerns about the security and privacy of the sensitive data stored in the cloud are one key obstacle to the success of these cloud based applications and services. To tackle these issues, Attribute based Encryption (ABE) approaches, especially the Ciphertext-Policy Attribute based Encryption (CP-ABE), have been shown to be very promising. ABE helps provide access control solutions to protect the privacy-sensitive information stored in the cloud storage centers. However, use of an ABE approach in such cases suffers from two key insider threats: insider threat due to colluding users; and that due to a potentially malicious or compromised authority center. Even though the users’ collusion has been addressed in the literature, to our best knowledge, the authority center as an insider has not been addressed, and existing schemes assume that the authority is fully trusted or honest-but-curious. In this paper, we propose a new technical solution to mitigate the threat from the authority as an insider in an ABE system. We present analysis to show that the proposed work is efficient from the perspective of algorithms and can mitigate the insider threat in the authority party effectively.

"SocialMix: Privacy-aware Communication in Online Social Networks"

Chao Li, Balaji Palanisamy and James Joshi. Proc. of 23rd IEEE International Conference on Web Services, San Francisco, USA. ICWS 2016

Abstract. Online Social Networks (OSNs) have been one of the most successful web-based communication models. In the recent years, a new category of OSNs namely anonymous social networks are becoming popular. Unlike traditional Online Social Networks, anonymous social networks allow users to communicate without exposing their identity. This paper presents a trusted anonymous social network service that can anonymize user identities during interaction even though the communication happens with the user’s own trusted friends and contacts on the social network. A fundamental requirement of such a trusted anonymous social network is to protect the user’s identity under the guarantees of anonymity. However, in existing approaches, even though the user information is anonymized, by continuously aggregating the information from the messages posted by a user, it is possible to re-identify the user with high probability. In this paper, we propose SocialMix that anonymizes the users of a trusted social network such that the aggregation of messages can be prevented. We make three original contributions. First, we develop the SocialMix model for trusted anonymous social networks so that communication privacy can be protected by k-anonymization. Second, by considering the features of OSNs, we analyze the vulnerabilities of the naive methods that might be exploited to break the privacy. We develop new techniques to improve the attack-resilience of the SocialMix approach. Third, we propose intelligent mix node selection methods to significantly reduce the required number of social mix nodes while still keeping high anonymization rate. Our experiments show that SocialMix provides high attack resilience and keeps high anonymization rate with few mix nodes under the trusted social network model.

"An Integrated Privacy Preserving Attribute Based Access Control Framework."

Runhua Xu and James B.D. Joshi. In 2016 IEEE 9th International Conference on Cloud Computing (Research Track), San Francisco, USA. Cloud 2016

Abstract. Recent advances in IT have enabled many applications that generate/collect huge amounts of personal data. While these advances have made many personalized applications such as personalized user-centric healthcare possible there are significant system maintenance cost related to data management, and security and privacy issues that need to be first addressed. Although cloud computing presents a new paradigm that helps maintaining users aggregated information distributed in different Internet enabled applications in one place, it also introduces new challenges in security and privacy. In this paper, we propose an integrated user-centric (or an organization-centric) privacy preserving attribute based access control approach to protect the security and privacy of a user's (or the organization's) data stored by a cloud service provider. The proposed approach includes a novel privacy-preserving revocable ciphertext policy attribute-based encryption (PR-CP-ABE) scheme. We also propose an extended Path-ORAM protocol that addresses the access pattern privacy as users access the protected data on cloud. We present security and privacy analysis and compare the performance parameters with other existing approaches.

"Distributed Algorithms for Spatial Retrieval Queries in Geospatial Analysis"

Qiulei Guo, Balaji Palanisamy, Hassan A. Karimi and Liming Zhang. Services Transactions on Cloud Computing. STCC 2016

Abstract. The proliferation of data acquisition devices like 3D laser scanners has led to the burst of large-scale spatial terrain data which imposes many challenges to spatial data analysis and computation. With the advent of several emerging cloud technologies, a natural and cost-effective approach to managing such large-scale data is to store and process such datasets in a publicly hosted cloud service using modern distributed computing paradigms such as MapReduce. For several key spatial data analysis and computation problems, polygon retrieval is a fundamental operation which is often computed under real-time constraints. However, existing sequential algorithms fail to meet this demand effectively given that terrain data in recent years have witnessed an unprecedented growth in both volume and rate. In this work, we present a MapReduce-based parallel polygon retrieval algorithm which aims at minimizing the IO and CPU loads of the map and reduce tasks during spatial data processing. Our proposed algorithm first hierarchically indexes the spatial terrain data using a quad-tree index, with the help of which, a significant amount of data is filtered out in the pre-processing stage based on the query object. In addition, a prefix tree based on the quad-tree index is built to query the relationship between the terrain data and query area in real time which leads to significant savings in both I/O load and CPU time. The performance of the proposed techniques is evaluated in a Hadoop cluster and the results demonstrate that the proposed techniques are flexible and scalable. Our quad tree indexing with prefix tree acceleration leads to more than 35% reduction in execution time of the polygon retrieval operation over existing distributed algorithms while the quad tree indexing without prefix tree works best for the proximity query.

"ReverseCloak: Protecting Multi-level Location Privacy over Road Networks"

Chao Li and Balaji Palanisamy. Proc. of 24th ACM International Conference on Information and Knowledge Management. CIKM'15

Abstract. With advances in sensing and positioning technology, fueled by the ubiquitous deployment of wireless networks, location-aware computing has become a fundamental model for offering a wide range of life enhancing services. However, the ability to locate users and mobile objects opens doors for new threats - the intrusion of location privacy. Location anonymization refers to the process of perturbing the exact location of users as a cloaking region such that a user’s location becomes indistinguishable from the location of a set of other users. A fundamental limitation of existing location anonymization techniques is that location information once perturbed to provide a certain anonymity level cannot be reversed to reduce anonymity or the degree of perturbation. This is especially a serious limiting factor in multi-level privacy-controlled scenarios where different users of the location information have different levels of access. This paper presents ReverseCloak, a new class of reversible location cloaking mechanisms that effectively support multi-level location privacy, allowing selective de-anonymization of the cloaking region to reduce the granularity of the perturbed location when suitable access credentials are provided. We evaluate the ReverseCloak techniques through extensive experiments on realistic road network traces generated by GTMobiSim. Our experiments show that the proposed techniques are efficient, scalable and provide the required level of privacy.

"Bulk Analysis of Malicious PDF Documents"

Shauna Policicchio. Master's Thesis. April 2015

Abstract. From 2007 onward, the PDF document has proven to be a successful vector for malware infections, making up 80% of all exploits found by Cisco ScanSafe in 2009 [1]. Creating new PDF documents is very easy and the volume of PDF documents identified as malicious has grown beyond the capabilities of security researchers to analyze by hand. The solution proposed by this thesis is to automatically extract features from the PDF documents to group and classify them, so that similar malware may be identified without manual analysis, thus reducing the workload of the malware analyst. These features may also be studied to identify trends within the PDF documents, such as similar exploits or obfuscation techniques. Our results show that the object graph structure of the PDF document is an effective way to create an initial grouping of malicious PDF documents. Finding similarities in PDF documents reveals further information about a data set. In our first case study, we examine the entire data set to identify large groups of similar PDF documents and make conjectures about their origins. In our second case study, we use a PDF document of known origin to find similar PDF documents within a data set. Through the two case studies, we were able to identify 50.3% of our data set with very little manual analysis of the malicious PDF documents.

"Mutual-Friend Based Attacks in Social Network Systems"

Lei Jin, James Joshi, Mohd Anwar. Computers & Security. Sept. 2013

Abstract. Recently, we have seen a rapid growth of social networking systems (SNSs). In most SNSs, a user can configure his privacy settings to indicate who can or cannot see his friend list. Usually, SNSs, such as LinkedIn and Google Plus, also include a feature that allows a user to query mutual friends between him and any other user he can reach using the available public search feature in SNSs. While such a mutual friend feature is very helpful in letting users find new friends and connect to them, in this paper, we show that it also raises significant privacy concerns as an adversary can use it to find out some or all of the victim’s friends, although, as per the privacy settings of the victim, the adversary is not authorized to see his friend list directly. We show that by using mutual friend queries, an attacker can launch privacy attacks that we refer to as mutual-friend based attacks to identify friends and distant neighbors of targeted users. We analyze these attacks and identify various attack structures that an attacker can use to build attack strategies, using which an attacker can identify a user’s friends and his distant neighbors. Through simulations, we demonstrate that mutual-friend based attacks are effective. For instance, one of the simulation results shows that an attacker using just one attacker node can identify more than 60% of a user’s friends.
