کارابرن عزیز، مقالات سایت ( همگی جزو مقالات isi می باشند) بالاترین کیفیت ترجمه را دارند، ترجمه آنها کامل و دقیق می باشد (حتی محتوای جداول و شکل های نیز ترجمه شده اند) و از بهترین مجلات isi مانند IEEE، Sciencedirect، Springer، Emerald و ... انتخاب گردیده اند.
از نرم افزار winrar برای باز کردن فایل های فشرده استفاده می شود. برای دانلود آن بر روی لینک زیر کلیک کنید
Protecting the privacy of humans in video sequences using a computer vision-based de-identification pipeline
حفاظت از حریم خصوصی افراد در توالی های ویدئویی با استفاده از شناسایی مبتنی بر دید کامپیوتری لوله ای-2017
Article history:Received 12 October 2016Revised 5 May 2017Accepted 27 May 2017Keywords:Privacy protection De-identiﬁcation Computer vision Video processingWe propose a computer vision-based de-identiﬁcation pipeline that enables automated protection of pri- vacy of humans in video sequences through obfuscating their appearance, while preserving the natu- ralness and utility of the de-identiﬁed data. Our pipeline speciﬁcally addresses de-identifying soft and non-biometric features, such as clothing, hair, skin color etc., which often remain recognizable when sim- pler techniques such as blurring are applied. Assuming a surveillance scenario, we combine background subtraction based on Gaussian mixtures with an improved version of the GrabCut algorithm to ﬁnd and segment pedestrians. De-identiﬁcation is performed by altering the appearance of the segmented pedes- trians through the neural art algorithm that uses the responses of a deep neural network to render the pedestrian images in a different style. Experimental evaluation is performed both by automated classiﬁ- cation and through a user study. Results suggest that the proposed pipeline successfully de-identiﬁes a range of hard and soft biometric and non-biometric identiﬁers, including face, clothing and hair.© 2017 Elsevier Ltd. All rights reserved.
Keywords: Privacy protection | De-identification | Computer vision | Video processing
Multilevel classification of security concerns in cloud computing
طبقه بندی چندسطحی نگرانی های امنیتی در محاسبات ابری-2017
Received 11 May 2015; revised 11 March 2016; accepted 20 March 2016 Available online 8 April 2016 Abstract Threats jeopardize some basic securityrequirements in a cloud. These threats generally constitute privacy breach, data leakage and unauthorized data access at different cloud layers. This paper presents a novel multilevel classification model of different security attacks across different cloud services at each layer. It also identifies attack types and risk levels associated with different cloud services at these layers. The risks are ranked as low, medium and high. The intensity of these risk levels depends upon the position of cloud layers. The attacks get more severe for lower layers where infrastructure and platform are involved. The intensity of these risk levels is also associated with security requirements of data encryption, multi-tenancy, data privacy, authentication and authorization for different cloud services. The multilevel classification model leads to the provision of dynamic security contract for each cloud layer that dynamically decides about security requirements for cloud consumer and provider. 2016 King Saud University. Production and hosting by Elsevier B.V. This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/).
KEYWORDS :Cloud computing | Security | Virtualization | SaaS | PaaS | IaaS
نظارت جمعی و گزینه های سیاست فن آوری: بهبود امنیت ارتباطات خصوصی
سال انتشار: 2017 - تعداد صفحات فایل pdf انگلیسی: 7 - تعداد صفحات فایل doc فارسی: 26
افشاگری های اسنودن در سال 2013 شعله بحث شدید در مشروعیت و وسعت عملیات جاسوسی که ناظر بر اینترنت و ارتباطات از راه دور در سراسر جهان بود را شعله ور کرد. حمله مداوم به حوزه خصوصی افراد در سراسر جهان توسط دولت ها و شرکت ها موضوعی است که بطور کافی با استفاده از اقدامات فنی و سازمانی فعلی صورت گرفته است. این مقاله استدلال می کند که به منظور حفظ اینترنت حیاتی و فعال، زیرساخت های اساسی آن باید بطور قابل توجهی تقویت شود. ما تعدادی گزینه های فنی و سیاسی، که به بهبود امنیت در اینترنت کمک می کند،پیشنهاد می کنیم. بر بحث پیرامون رمزگذاری و ناشناخته ، و همچنین در سیاست های مقابله با آسیب پذیری های نرم افزار و سخت افزار و ضعف معماری اینترنت تمرکز دارد.
کلید واژه ها: نظارت | سیاست | رمزگذاری | حریم خصوصی
|مقاله ترجمه شده|
Field classification, modeling and anomaly detection in unknown CAN bus networks
طبقه بندی فیلد، مدل سازی و تشخیص ناهنجاری در شبکه های ناشناس CAN bus-2017
Article history:Received 10 July 2016Received in revised form 1 January 2017 Accepted 23 February 2017Available online 2 March 2017Keywords:CAN busAnomaly detection Network layer issues Security and privacyCommunication architectureThis paper describes a novel domain-aware anomaly detection system for in-car CAN bus traﬃc. Through inspection of real CAN bus communication, we discovered the presence of semantically- meaningful Constant ﬁelds, Multi-Value ﬁelds and Counter or Sensor ﬁelds. For CAN networks in which the speciﬁcations of the electronic control units (ECUs) are unknown, and hence, the borders between the bit-ﬁelds are unknown, we developed a greedy algorithm to split the messages into ﬁelds and classify the ﬁelds into the types we observed. Next, we designed a semantically-aware anomaly detection system for CAN bus traﬃc. In its learning phase, our system uses the classiﬁer to characterize the ﬁelds and build a model for the messages, based on their ﬁeld types. The model is based on Ternary Content-Addressable Memory (TCAM), that can run eﬃciently in either software or hardware. During the enforcement phase our system detects deviations from the model. We evaluated our system on simulated CAN bus traﬃc, and achieved very encouraging results: a median false positive rate of 1% with a median of only 89.5 TCAMs. Finally we evaluated our system on the real CAN bus traﬃc. With a suﬃciently long period of recording, we achieved a median false positive rate of 0% with an average of 252 TCAMs. 2017 Elsevier Inc. All rights reserved.
Keywords:CAN bus | Anomaly detection | Network layer issues | Security and privacy | Communication architecture
Privacy conserving low volume information retrieval from backbone services in VANETs
بازیابی اطلاعات کم حجم و جلوگیری از صدمه زدن به حریم خصوصی از خدمات ستون فقرات در شبکه های VANET-2017
Article history:Received 6 October 2016Received in revised form 4 February 2017 Accepted 23 February 2017Available online 1 March 2017Keywords:VANETPrivacy SecurityMobile ad hoc networks are of high interest in research and practice, especially as realizations in the automotive domain. Wireless data exchange, safety critical use cases and privacy requirements impose tough challenges on applied security mechanisms. Well studied solutions are available for direct communication between nodes. However, also time critical data retrieval from backbone services is required for many use cases, like the delivery of pseudonym certiﬁcates. This topic has not been looked at in detail in prior work. We show that the approach proposed in standards bears signiﬁcant drawbacks. High effort in the input message validation process causes a denial of service weakness of backbone services. Moreover, request messages contain removable data sets making them unnecessarily long, which leads to high bandwidth requirements for reliable communication between backbone and mobile node. Thus, we propose a new data retrieval scheme increasing robustness of the backbone to denial of service attacks and decreasing length of nodes’ request messages. The conducted evaluation shows good usability of the approach. 2017 Elsevier Inc. All rights reserved.
Keywords:VANET | Privacy | Security
A lightweight biometrics based remote user authentication scheme for IoT services
یک راهبرد تایید هویت کاربر مبتنی بر بیومتریک سبک برای خدمات IoT-2017
Article history:Available online 12 January 2017Keywords: Biometrics IoT servicesKey agreementRemote user authentication SecurityUser authentication is becoming crucial in the accelerating Internet of Things (IoT) environment. With IoT several applications and services have been emerging in the areas such as, surveillance, healthcare, security, etc. The services offered can be accessed through smart device applications by the user from anywhere, anytime and anyplace. This makes security and privacy critical to IoT. Moreover, security is paramount in IoT, to enable secure access to the services; multi-factor based authentication can provide high security. In this paper, a lightweight biometric based remote user authentication and key agreement scheme for secure access to IoT services has been proposed. The protocol makes use of lightweight hash operations and XOR operation. The security analysis proves that it is robust against multiple security at- tacks. The formal veriﬁcation is performed using AVISPA tool, which conﬁrms its security in the presence of a possible intruder.© 2017 Elsevier Ltd. All rights reserved.
Keywords: Biometrics | IoT services | Key agreement | Remote user authentication | Security
Lightweight adaptive Random-Forest for IoT rule generation and execution
تصادفی جنگل انطباقی سبک برای تولید و اجرای قانون IoT-2017
Article history:Available online 30 March 2017Keywords: Internet of Things SecurityRules extraction Random-Forest Active learningThe area of the Internet of Things is growing rapidly. The volume of transmitted data over the various sensors is growing accordingly. Sensors typically are low in resources of storage, memory and process- ing power. Data security and privacy are part of the major concerns and drawbacks of this growing do- main. Sensor traﬃc analysis has become an increasingly important domain to protect IoT infrastructures from intruders. An IoT network intrusion detection system is required to monitor and analyze the traﬃc and predict possible attacks. Machine leaning techniques can automatically extract normal and abnormal patterns from a large set of training sensors data. Due to the high volume of traﬃc and the need for real-time reaction, accurate threat discovery is mandatory. This work focuses on designing a lightweight comprehensive IoT rules generation and execution framework. It is composed of three components, a machine learning rule discovery, a threat prediction model builder and tools to ensure timely reaction to rules violation and un-standardized and ongoing changes in traﬃc behavior. The generated detection model is expected to identify in real-time exceptions and notify the system accordingly. We use Random- Forest (RF) as the machine learning platform for rules discovery and real-time anomaly detection. To al- low RF adaptation to IoT we propose several improvements to make it lightweight and propose a process that combines IoT network capabilities; messaging and resource sharing, to build a comprehensive and eﬃcient IoT security framework.© 2017 Elsevier Ltd. All rights reserved.
Keywords: Internet of Things | Security Rules extraction | Random-Forest | Active learning
Psychological needs as motivators for security and privacy actions on smartphones
نیازهای روانشناختی به عنوان انگیزه برای اقدامات امنیتی و حریم خصوصی بر روی گوشی های هوشمند-2017
Article history:Keywords: Psychological needs Security and privacy SmartphonesUser behavior User experienceMuch work has been conducted to investigate the obstacles that keep users from using mitigations against security and privacy threats on smartphones. By contrast, we conducted in-depth interviews (N = 19) to explore users’ motivations for voluntarily applying security and privacy actions on smart- phones. Our work focuses on analyzing intrinsic motivation in terms of psychological need fulﬁllment. The ﬁndings from the interview study provide ﬁrst insights on the salience of basic psychological needs in the context of smartphone security and privacy. They illustrate how security and privacy actions on smartphones are motivated by a variety of psychological needs, only one of them being the need for Security. We further conducted an online survey (N = 70) in which we used questionnaires on psycho- logical need fulﬁllment from the literature. The online survey is a ﬁrst attempt to quantify psychological need fulﬁllment for security and privacy actions on smartphones. Whereas the results of the interview study indicate that Security and other needs play a role as motivators for employing security and privacy actions on smartphones, the online study does not support the need for Security as an outstanding mo- tivator. Instead, in the online study, other needs such as Keeping the meaningful, Stimulation, Autonomy, and Competence show to be rather salient as motivators for security and privacy actions. Furthermore, the mean need fulﬁllment for security and privacy actions is in general rather low in the online survey. We conclude that there is scope for improvement to maximize psychological need fulﬁllment with security and privacy actions. In order to achieve a positive user experience with security and privacy technologies on smartphones, we suggest addressing additional psychological needs, beyond the need for Security, in the design of such technologies.© 2017 The Authors. Published by Elsevier Ltd. This is an open access article under the CC BY-NC-ND license. (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Keywords: Psychological needs | Security and privacy | Smartphones User behavior | User experience
Fully Enhanced Homomorphic Encryption algorithm of MORE approach for real world applications
الگوریتم رمزگذاری Homomorphic به طور کامل پیشرفته از رویکرد MORE برای برنامه های دنیای واقعی-2017
Article history:Available online 21 February 2017Keywords:Fully Homomorphic Encryption scheme MOREDynamic diffusion and permutation primitivesSecurity analysisThe design of a Homomorphic Encryption (HE) algorithm that allows computation over the encrypted data is required in real world modern applications to preserve the privacy. Such applications include Cloud Computing, shared storage, processing resources, etc. The existing solutions are not practical for real world applications. Asymmetric approaches suffer from high computation overhead, while symmet- ric approaches suffer from low immunity against attacks such as chosen and known plaintext attack. In this paper, we consider symmetric approaches and we focus on Matrix Operation for Randomization and Encryption (MORE) approach to build a new algorithm overcoming the drawbacks of MORE. The pro- posed algorithm is explained in details and evaluated. The security performance results show that the proposed approach can prevent the strong attacks without degradation of the system performances in term of latency and energy consumption.© 2017 Elsevier Ltd. All rights reserved.1.
Keywords: Fully Homomorphic Encryption scheme | MORE | Dynamic diffusion and permutation | primitives | Security analysis
Signalling over-privileged mobile applications using passive security indicators
سیگنالینگ برنامه های خاص تلفن همراه با استفاده از شاخص های امنیتی منفعل-2017
Article history:Available online 16 December 2016Keywords:Over-privilege Mobile applications Application store Usable security PrivacyAndroidAs mobile devices have evolved from simple phones to rich computing systems, the data stored on these multi-taskers have consequently become more sensitive and private. Due to this, modern mobile oper- ating systems include sophisticated permission systems for restricting the access to this device for the mobile applications. However, many applications acquire more permissions than required. These over- privileged applications can affect data security and user privacy. All application permissions are indicated to the user, but these notiﬁcations have been shown to be ignored or not understood. Thus, other mech- anisms need to be improved.This paper presents design approaches to communicate the degree of over-privilege in mobile applica- tions. It uses an additional rating system in application stores to inform users before making the decision of installing a speciﬁc application. The approaches have been evaluated in a usability study based on distinct prototype Android application stores. The ﬁndings show that passive security indicators can be applied to inﬂuence the decision-making process of users before downloading and installing an applica- tion.© 2016 Elsevier Ltd. All rights reserved.1.
Keywords: Over-privilege | Mobile applications | Application store | Usable security | Privacy Android