Cyberspace Safety and Security: 14th International Symposium, CSS 2022, Xi'an, China, October 16–18, 2022, Proceedings (Lecture Notes in Computer Science)

Preface
Organization
Contents
Cryptography and Its Applications
Publicly Verifiable Conjunctive Keyword Search with Balanced Verification Overhead
1 Introduction
1.1 Our Contribution
1.2 Related Work
2 Preliminaries
2.1 RSA Group
2.2 RSA Accumulator
2.3 Hardness Assumptions
2.4 Security Definitions
3 Publicly Verifiable SSE Based on Accumulator
4 Security Analysis
5 Performance Analysis
6 Conclusion
References
A Secure and Efficient Certificateless Authenticated Key Agreement Scheme for Smart Healthcare
1 Introduction
2 Security Model
3 Review and Cryptanalysis of WHX AKA Protocol
3.1 Review of WHX AKA Protocol
3.2 Cryptanalysis of WHX AKA Protocol
4 The Improved Scheme
4.1 Initialization Phase
4.2 Registration Phase
4.3 Authentication and Key Agreement Phase
5 Security Analysis of the Proposed Scheme
6 Performance Analysis
6.1 Security Comparison
6.2 Computation Cost
6.3 Communication Cost
7 Conclusion
References
Digital Signature Scheme to Match Generalized Reed-Solomon Code over GF(q)
1 Introduction
2 Preliminary
2.1 Public Key Cryptosystem Based on Error Correction Codes
2.2 Digital Signature Scheme Based on Error Correction Code
2.3 Security Concept
3 The Proposed Scheme
3.1 Reductionist Security Proof
4 Performance Analysis of the Proposed Algorithm
4.1 Signature Complexity
4.2 Public Key Size
4.3 Signature Length
5 Security Analysis
5.1 Information Set Decoding Attack
5.2 Distinguisher Attack
6 Result
7 Conclusions
References
A Collaborative Access Control Scheme Based on Incentive Mechanisms
1 Introduction
2 Related Work
3 The Proposed Scheme
3.1 Setup
3.2 KenGey
3.3 Encryption
3.4 Decryption
3.5 Incentive Mechanism of Blockchain
4 Analysis
4.1 Security Analysis
4.2 Performance Analysis
5 Conclusion
References
Quartet: A Logarithmic Size Linkable Ring Signature Scheme from DualRing
1 Introduction
1.1 Organization
2 Preliminaries
2.1 Notations
2.2 Sum Arguments of Knowledge
2.3 The DL-Based DualRing Signature
3 Syntax and Security Model
3.1 Syntax of LRS
3.2 Security Model
4 The Proposed Linkable Ring Signatures
4.1 Quartet: a Basic Version
4.2 Security Analysis of Quartet
4.3 Quartet+: An Improved Version with Logarithmic Size
4.4 Security Analysis of Quartet+
5 Evaluation and Analysis
5.1 Communication Cost
5.2 Computation Cost
6 Conclusion
References
Updatable Hybrid Encryption Scheme with No-Directional Key Update for Cloud Storage
1 Introduction
1.1 Our Motivations and Contributions
1.2 Related Works
2 Preliminaries
3 Formal Updatable Hybrid Encryption
3.1 Syntax
3.2 Instantiation Scheme
3.3 Correctness
3.4 UP-IND-CCA Security
3.5 Evaluation of the Proposed UHE Scheme
4 Conclusions
References
Data Security
FDLedger: Dynamic and Efficient Anonymous Audit for Distributed Ledgers
1 Introduction
1.1 Our Contributions
1.2 Related Work
2 Preliminaries
2.1 Notation
2.2 ElGamal Encryption Variant
2.3 Order-Revealing Encryption
2.4 Consensus
3 System Model
3.1 Architecture
3.2 Assumptions
3.3 Security Goals
4 FDLedger Construction
4.1 Main Idea
4.2 Sparse Prefix Symbol Tree
4.3 Our Construction
4.4 Discussions and Comparisons
5 Security Analysis
6 Performance Evaluation
6.1 Experiment Setup
6.2 Experiment Evaluation
7 Conclusion
References
A Method of Traceless File Deletion for NTFS File System
1 Introduction
2 Related Work
3 Brief Introduction for NTFS File System
4 A Method of Traceless Data Deletion for NTFS File System
4.1 The Requirements of Traceless Data Deletion
4.2 A Traceless Method of Data Deletion for NTFS File System
5 Performance Analysis
5.1 Experiment Result
5.2 Performance Analysis
6 Conclusion
References
Efficient and Collusion Resistant Multi-party Private Set Intersection Protocols for Large Participants and Small Sets Setting
1 Introduction
1.1 Contributions
2 Related Work
2.1 Traditional PSI
2.2 Collusion Resisting MP-PSI
3 Preliminaries
3.1 Diffie-Hellman Key Agreement
3.2 Zero Sharing Technique
4 Security Model
4.1 Functionality
4.2 Security Definitions
5 Concrete Protocols
5.1 System Initialization Step
5.2 Key Agreement Step
5.3 Zero Sharing Step
5.4 Intersection Calculation Step
6 Security Analysis
6.1 Correctness
6.2 Security Proof
6.3 Malicious Secure MP-PSI
7 Performance and Performance
7.1 Complexity Analysis
7.2 Experimental Implementation
7.3 Experiment Results
8 Conclusion
References
Multi-user Verifiable Database with Efficient Keyword Search
1 Introduction
1.1 Our Contribution
1.2 Related Work
1.3 Organization
2 Preliminaries
2.1 Mathematical Assumption
2.2 Verifiable Database (VDB)
3 Multi-user Verifiable Database with Efficient Keyword Search
3.1 Framework
3.2 High Level Description
3.3 A Concrete MUVDB Scheme
3.4 Extended Construction: Support Conjunctive Keyword Search
4 Security and Efficiency Analysis
4.1 Security
4.2 Comparison
5 Conclusion
References
A Blockchain-Based Collaborative Auditing Scheme for Cloud Storage
1 Introduction
1.1 Our Contribution
2 Public Provable Data Possession Scheme
2.1 System Model
2.2 Adversary Model and Design Goals
2.3 EigenTrust Model
2.4 A Concrete Scheme
3 Security Analysis and Efficiency Analysis
3.1 Correctness
3.2 Security Analysis
4 Performance Evaluation
4.1 Functionality Comparisons
4.2 Implementation
5 Conclusion
References
Attack and Defense Techniques
High Quality Audio Adversarial Examples Without Using Psychoacoustics
1 Introduction
2 Related Work
3 Problem Definition
3.1 Threat Model and Assumptions
3.2 Evaluation Metrics
4 Method
4.1 Adversarial Convolution
4.2 Regularization
4.3 Impulse Response
4.4 Two-Stage Generation Process
5 Experimental Results
5.1 Setup
5.2 Regularization
5.3 Adversarial Example Generation
5.4 Robustness
6 Conclusion and Future Work
References
Working Mechanism of Eternalblue and Its Application in Ransomworm
1 Introduction
2 Eternalblue's Working Mechanism in Metasploit
2.1 Crafting Original List
2.2 Buffer Grooming
2.3 Sending the Shellcode
3 Code Analysis
3.1 Summary of Wannacry's Network Behaviour
3.2 Detailed Analysis of Wannacry Network Behaviour
4 Conclusion
References
Substitution Attacks Against Sigma Protocols
1 Introduction
2 Preliminaries
2.1 Notations and Definitions
2.2 Protocols
3 ASA Models for Protocols
3.1 Subverting Prover
3.2 Subverting Verifier
4 Mounting ASAs on Protocols
4.1 The Biased-Commitment Attack
4.2 The Biased-Challenge Attack
5 Instantiations of Subvertible Protocols
5.1 Schnorr's Identification Protocol
5.2 Okamoto's Protocol for Representations
6 Conclusion
References
A Multi-stage APT Attack Detection Method Based on Sample Enhancement
1 Introduction
2 Related Work
3 Multi-stage APT Attack Detection Method Based on Sample Enhancement
3.1 Multi-stage Sample Enhancement
3.2 Multi-stage APT Attack Detection
4 Experimental Results
4.1 Environment and Evaluation Metrics
4.2 Experimental Results and Analysis
5 Conclusion
References
VDHGT: A Source Code Vulnerability Detection Method Based on Heterogeneous Graph Transformer
1 Introduction
2 Overview
3 VDHGT Method
3.1 Generation of VDRG
3.2 Node Embedding
3.3 Graph Learning Network and Vulnerability Detection
4 Experiment and Result Analysis
4.1 Experimental Dataset
4.2 Experimental Results and Analysis
5 Conclusion
References
Anomalous Network Traffic Detection Based on CK Sketch and Machine Learning
1 Introduction
2 Related Work
2.1 Sketch Structure
2.2 Sketch Improvement Structure on the Basis of Cuckoo Hash
3 Anomalous Network Traffic Detection Solution on the Basis of Machine Learning and CK Sketch
3.1 Design of the Anomalous Network Traffic Detection Process
3.2 CK Sketch Structure Improvement
4 Experience
4.1 Experimental Environment and Data Set
4.2 Metrics
4.3 Experimental Comparison Analysis
5 Conclusion
References
FedMCS: A Privacy-Preserving Mobile Crowdsensing Defense Scheme
1 Introduction
2 Related Works
3 Problem Formulation
3.1 System Model
3.2 Threat Model
3.3 Design Goals
4 Preliminaries
4.1 Notations
4.2 Poisoning Attack
4.3 Paillier Encryption System
5 Proposed Scheme
5.1 Request Task Publishing
5.2 Sensing Gradient Uploading
5.3 Model Secure Aggregation
6 Safety Certificate
7 Performance Evaluation
7.1 Experimental Settings
7.2 Experiment Results
8 Conclusion
References
Membership Inference Attacks Against Robust Graph Neural Network
1 Introduction
2 Related Work
2.1 Graph Convolutional Networks
2.2 Graph Adversarial Training
2.3 Graph Inference Attacks
3 Background
3.1 Graph Convolutional Network
3.2 Graph Membership Inference Attacks
3.3 Graph Adversarial Training
4 Membership Inference Attacks Against GCN
4.1 Overview
4.2 Node-Level Membership Inference Strategy
4.3 Node-Level MIA Based on Confidence Threshold
4.4 Node-Level MIA Against Robust GCN Model
5 Experimental Evaluation
5.1 Datasets
5.2 Robustness Analysis
5.3 Results of MIA Against Robust GCN Model
6 Conclusion
References
Network Security and Its Applications
A Distributed Threshold Additive Homomorphic Encryption for Federated Learning with Dropout Resiliency Based on Lattice
1 Introduction
1.1 Related Works
1.2 Contributions
2 Preliminaries
2.1 Basic Notations
2.2 DTAHE
2.3 DTAHE Model
3 A DTAHE Instance
3.1 The Instance
3.2 Security Analysis
4 Performance
4.1 Communication
4.2 Computation
References
A Defect Level Assessment Method Based on Weighted Probability Ensemble
1 Introduction
2 Related Work
3 A Defect Level Assessment Method
3.1 Multi-source Sample Treatment
3.2 Misclassification Penalty Quantization
3.3 Defect Level Assessment
4 Experiments and Results
4.1 Experimental Samples and Evaluation Index
4.2 Feature Selection Methods Comparative Experiment
4.3 Defect Level Assessment Experiment
5 Conclusion
References
A Decentralized Ride-Hailing Mode Based on Blockchain and Attribute Encryption
1 Introduction
2 Related Works
2.1 Ride-Hailing Systems
2.2 Blockchain Technology and Smart Contract
2.3 Attribute-Based Encryption
2.4 Zero Knowledge Set Membership Proof (ZKSM)
3 System Mode
4 Method
4.1 Matching Phase
4.2 Deposit Payment Phase
4.3 Fair Payment Phase
4.4 Reputation Calculation Phase
5 Performance Evaluations
5.1 The Time Cost of the Attribute Encryption
5.2 The Gas Cost of This Mode
6 Conclusions
References
Post-quantum Privacy-Preserving Aggregation in Federated Learning Based on Lattice
1 Introduction
2 Cryptographic Primitives
2.1 Secret Sharing
2.2 Key Agreement
2.3 Digital Signature
2.4 Authenticated Encryption
2.5 Pseudorandom Generator
3 PPABoL
3.1 The SecAgg
3.2 PPABoL
4 Security Estimates and Performance
4.1 Security Estimates
4.2 Performance
5 Discussion and Future Work
6 Conclusion
References
Improvised Model for Blockchain in Distributed Cloud Environment
1 Introduction
1.1 Problem Statements and Contributions
2 Related Work
3 Proposed Solution
3.1 Storage Solution
3.2 Security Solution
4 Discussions and Result Analysis
5 Conclusion and Future Works
References
Multi-hop Multi-key Homomorphic Encryption with Less Noise Under CRS Model
1 Introduction
1.1 Our Motivation and Contribution
1.2 Related Work
2 Preliminaries
2.1 Basic Notation
2.2 Ring Learning With Errors
2.3 Multi-key Homomorphic Encryption
2.4 Gadget Decomposition Technique
3 Relinearization of Multi-key Ciphertexts
3.1 Auxiliary Coding Scheme
3.2 Relinearization Key
3.3 Relinearization
4 Multi-key Homomorphic Encryption Scheme
5 Scheme Analysis and Comparison
5.1 Security
5.2 Noise Growth
5.3 Storage Analysis
6 Conclusion
References
Design of Anti Machine Learning Malicious Node System Based on Blockchain
1 Introduction
2 Related Work
3 Preliminaries
3.1 Secure Multi-party Computing
3.2 Ring Signature
3.3 Blockchain
4 System overview
4.1 System Model
4.2 Threat Model
4.3 Scheme Principle
4.4 Scheme Construction
5 Security Analysis
6 Performance Evaluation
7 Conclusion
References
Author Index