Browsing by Author "Li, Ninghui"

Now showing 1 - 4 of 4
  • Thumbnail Image
    Item
    Design and evaluation of a secure, privacy-preserving and cancelable biometric authentication : Bio-Capsule
    (2014-09-04) Sui, Yan; Zou, Xukai, 1963-; Bertino, Elisa; Li, Ninghui; Du, Yingzi, 1975-; Li, Feng; Prabhakar, Sunil; Gorman, William J.
    A large portion of system breaches are caused by authentication failure either during the system login process or even in the post-authentication session, which is further related to the limitations associated with existing authentication approaches. Current authentication methods, whether proxy based or biometrics based, are hardly user-centric; and they either put burdens on users or endanger users' (biometric) security and privacy. In this research, we propose a biometrics based user-centric authentication approach. The main idea is to introduce a reference subject (RS) (for each system), securely fuse the user's biometrics with the RS, generate a BioCapsule (BC) (from the fused biometrics), and employ BCs for authentication. Such an approach is user-friendly, identity-bearing yet privacy-preserving, resilient, and revocable once a BC is compromised. It also supports "one-click sign on" across multiple systems by fusing the user's biometrics with a distinct RS on each system. Moreover, active and non-intrusive authentication can be automatically performed during the user's post-authentication on-line session. In this research, we also formally prove that the proposed secure fusion based BC approach is secure against various attacks and compare the new approach with existing biometrics based approaches. Extensive experiments show that the performance (i.e., authentication accuracy) of the new BC approach is comparable to existing typical biometric authentication approaches, and the new BC approach also possesses other desirable features such as diversity and revocability.
  • Thumbnail Image
    Item
    Enhancing Biometric-Capsule-based Authentication and Facial Recognition via Deep Learning
    (ACM, 2019) Phillips, Tyler; Zou, Xukai; Li, Feng; Li, Ninghui; Computer and Information Science, School of Science
    In recent years, developers have used the proliferation of biometric sensors in smart devices, along with recent advances in deep learning, to implement an array of biometrics-based authentication systems. Though these systems demonstrate remarkable performance and have seen wide acceptance, they present unique and pressing security and privacy concerns. One proposed method which addresses these concerns is the elegant, fusion-based BioCapsule method. The BioCapsule method is provably secure, privacy-preserving, cancellable and flexible in its secure feature fusion design. In this work, we extend BioCapsule to face-based recognition. Moreover, we incorporate state-of-art deep learning techniques into a BioCapsule-based facial authentication system to further enhance secure recognition accuracy. We compare the performance of an underlying recognition system to the performance of the BioCapsule-embedded system in order to demonstrate the minimal effects of the BioCapsule scheme on underlying system performance. We also demonstrate that the BioCapsule scheme outperforms or performs as well as many other proposed secure biometric techniques.
  • Thumbnail Image
    Item
    Koinonia: verifiable e-voting with long-term privacy
    (ACM, 2019) Ge, Huangyi; Chau, Sze Yiu; Gonsalves, Victor E.; Liu, Huian; Wang, Tianhao; Zou, Xukai; Li, Ninghui; Computer and Information Science, School of Science
    Despite years of research, many existing e-voting systems do not adequately protect voting privacy. In most cases, such systems only achieve "immediate privacy", that is, they only protect voting privacy against today's adversaries, but not against a future adversary, who may possess better attack technologies like new cryptanalysis algorithms and/or quantum computers. Previous attempts at providing long-term voting privacy (dubbed "everlasting privacy" in the literature) often require additional trusts in parties that do not need to be trusted for immediate privacy. In this paper, we present a framework of adversary models regarding e-voting systems, and analyze possible threats to voting privacy under each model. Based on our analysis, we argue that secret-sharing based voting protocols offer a more natural and elegant privacy-preserving solution than their encryption-based counterparts. We thus design and implement Koinonia, a voting system that provides long-term privacy against powerful adversaries and enables anyone to verify that each ballot is well-formed and the tallying is done correctly. Our experiments show that Koinonia protects voting privacy with a reasonable performance.
  • Thumbnail Image
    Item
    On Several Problems Regarding the Application of Opportunistic Proximate Links in Smartphone Networks
    (2015) Peng, Wei; Li, Feng; Zou, Xukai; Li, Ninghui
    A defining characteristic of smartphones is the availability of short-range radio transceivers (the proximate channel) such as Bluetooth, NFC, and Wi-Fi Direct, in addition to traditional long-range cellular telecommunication technologies (the cellular channel). Coupled with smartphones’ portability and their human users’ mobility, the proximate channel provides opportunistic proximate links as a supplement/alternative to the cellular channel’s persistent infrastructural links for data communication. Opportunistic proximate links have a diverse set of applications, with each application scenario bringing a unique set of often conflicting objectives to balance. This dissertation presents a study on several problems regarding the application of opportunistic proximate links in smartphone networks. The first part of this dissertation, which includes Chapter 2, 3, and 4, focuses on the cost-effective distribution of content using opportunistic proximate links, and examines several applications: 1. Chapter 2 is on the use of opportunistic proximate links in selecting a representative subset from a set of smartphones for prioritized defense deployment in a Bring-Your-Own-Device (BYOD) enterprise network environment. 2. Chapter 3 is on the use of opportunistic proximate links for offloading bounded-delay-tolerant topical content from cellular persistent infrastructural links. 3. Chapter 4 is on the use of opportunistic proximate links in a generalized scenario of content distribution in a smartphone network that is heterogeneous in the availability of cellular persistent infrastructural links. The second part of this dissertation, which includes Chapter 5 and 6, considers the opposite problem of preventing the distribution of unwanted content (mobile malware) over opportunistic proximate links and the supplementary problem of detecting mobile malware. Chapter 5 considers a probabilistic behavioral malware detection framework for delay-tolerant smartphone networks that are connected by opportunistic proximate links. Solutions to several challenging problems that are unique to decentralized and opportunistic nature of such networks, including “balance between insufficient evidence and evidence collection risk,” “liars,” and “defectors” are proposed and evaluated. Based on the widely used Android mobile computing platform, Chapter 6 presents the design, implementation, and evaluation of a novel declarative approach to static binary analysis of Android apps, which underlies the problem of detecting malware on the Android platform. Real Android malware samples are analyzed, and techniques to robustly handle them are proposed and evaluated.