International Conference Papers

Permanent URI for this collectionhttp://dl.cerist.dz/handle/CERIST/4

Browse

Filters

Settings

Author: search.filters.author.Challal, YacineHas files: Yes

Search Results

Now showing 1 - 10 of 13
  • Thumbnail Image
    Item
    PReDIHERO – Privacy-Preserving Remote Deep Learning Inference based on Homomorphic Encryption and Reversible Obfuscation for Enhanced Client-side Overhead in Pervasive Health Monitoring
    (IEEE, 2021) Boulemtafes, Amine; Derhab, Abdelouahid; Ait Ali Braham, Nassim; Challal, Yacine
    Homomorphic Encryption is one of the most promising techniques to deal with privacy concerns, which is raised by remote deep learning paradigm, and maintain high classification accuracy. However, homomorphic encryption-based solutions are characterized by high overhead in terms of both computation and communication, which limits their adoption in pervasive health monitoring applications with constrained client-side devices. In this paper, we propose PReDIHERO, an improved privacy-preserving solution for remote deep learning inferences based on homomorphic encryption. The proposed solution applies a reversible obfuscation technique that successfully protects sensitive information, and enhances the client-side overhead compared to the conventional homomorphic encryption approach. The solution tackles three main heavyweight client-side tasks, namely, encryption and transmission of private data, refreshing encrypted data, and outsourcing computation of activation functions. The efficiency of the client-side is evaluated on a healthcare dataset and compared to a conventional homomorphic encryption approach. The evaluation results show that PReDIHERO requires increasingly less time and storage in comparison to conventional solutions when inferences are requested. At two hundreds inferences, the improvement ratio could reach more than 30 times in terms of computation overhead, and more than 8 times in terms of communication overhead. The same behavior is observed in sequential data and batch inferences, as we record an improvement ratio of more than 100 times in terms of computation overhead, and more than 20 times in terms of communication overhead.
  • Thumbnail Image
    Item
    Using ABE for Medical Data Protection in Fog Computing
    (2019-05-03) Krinah, Abdelghani; Challal, Yacine; Omar, Mawloud; Nouali, Omar
    Fog is an extension of the cloud computing paradigm, developed to fix the clouds latency, especially for applications requiring a very short response time, such as e-health applications. However, these applications also require a high level of data confidentiality, hence the need to apply appropriate encryption techniques, which can ensure security needs, while respecting the characteristics of the infrastructures devices. In this article, we will focus on ABE encryption, through the work done to study its applicability in the cloud and the Internet of things, as well as the improvements that can be made to adapt it to the fog computing environment.
  • Thumbnail Image
    Item
    Instantaneous Proxy-Based Key Update for CP-ABE
    (IEEE, 2016-11-07) Touati, Lyes; Challal, Yacine
    Attribute Based Encryption (ABE) scheme has been proposed to implement cryptographic fine grained access control to shared information. It allows to achieve information sharing of type one-to-many users, without considering the number of users and their identities. However, original ABE systems suffer from the non-efficiency of their attribute/key revocation mechanisms. Based on Ciphertext-Policy ABE (CP-ABE) scheme, we pro- pose an efficient proxy-based immediate private key update which does require neither re-encrypting cipher-texts, nor affect other users’ secret keys. The semi-trusted proxy, we have introduced, assists nodes during the decryption process without having ability to decrypt nodes’ data. Moreover, the proxy eliminates the 1- effects-n phenomenon from which suffer existing solutions when it comes to revoke nodes attributes. Finally, we analyze the security of our scheme and demonstrate that the proposed solution outperforms existing ones in terms of generated overheard.
  • Thumbnail Image
    Item
    Collaborative KP-ABE for Cloud-Based Internet of Things Applications
    (IEEE, 2016-05-23) Touati, Lyes; Challal, Yacine
    KP-ABE mechanism emerges as one of the most suitable security protocol for asymmetric encryption. It has been widely used to implement access control solutions. However, due to its expensive overhead, it is difficult to consider this protocol in resource-limited networks, such as the IoT. As the cloud has become a key infrastructural support for IoT applications, it is interesting to exploit cloud resources to perform heavy operations. In this paper, a collaborative variant of KP-ABE named C-KP-ABE for cloud-based IoT applications is proposed. Our proposal is based on the use of computing power and storage capacities of cloud servers and trusted assistant nodes to run heavy operations. A performance analysis is conducted to show the effectiveness of the proposed solution.
  • Thumbnail Image
    Item
    SMART: Secure Multi-pAths Routing for wireless sensor neTworks
    (IEEE, 2014-06-22) Lasla, Noureddine; Derhab, Abdelouahid; Ouadjaout, Abdelraouf; Bagaa, Miloud; Challal, Yacine
    In this paper, we propose a novel secure routing protocol named Secure Multi-pAths Routing for wireless sensor neTworks (SMART) as well as its underlying key management scheme named Extended Twohop Keys Establishment (ETKE). The proposed framework keeps consistent routing topology by protecting the hop count information from being forged. It also ensures a fast detection of inconsistent routing information without referring to the sink node. We analyze the security of the proposed scheme as well as its resilience probability against the forged hop count attack. We have demonstrated through simulations that SMART outperforms a comparative solution in literature, i.e., SeRINS, in terms of energy consumption
  • Thumbnail Image
    Item
    SEDAN: Secure and Efficient protocol for Data Aggregation in wireless sensor Networks
    (IEEE, 2007-10-15) Bagaa, Miloud; Lasla, Noureddine; Ouadjaout, Abdelraouf; Challal, Yacine
    —Energy is a scarce resource in Wireless Sensor Networks. Some studies show that more than 70% of energy is consumed in data transmission. Since most of the time, the sensed information is redundant due to geographically collocated sensors, most of this energy can be saved through data aggregation. Furthermore, data aggregation improves bandwidth usage. Unfortunately, while aggregation eliminates redundancy, it makes data integrity verification more complicated since the received data is unique. In this paper, we present a new protocol that provides secure aggregation for wireless sensor networks. Our protocol is based on a two hops verification mechanism of data integrity. Our solution is essentially different from existing solutions in that it does not require referring to the base station for verifying and detecting faulty aggregated readings, thus providing a totally distributed scheme to guarantee data integrity. We carried out simulations using TinyOS environment. Simulation results show that the proposed protocol yields significant savings in energy consumption while preserving data integrity.
  • Thumbnail Image
    Item
    An Efficient and Privacy-preserving Similarity Evaluation For Big Data Analytics
    (ACM/IEEE, 2015-12) Gheid, Zakaria; Challal, Yacine
    Big data systems are gathering more and more information in order to discover new values through data analytics and depth insights. However, mining sensitive personal information breaches privacy and degrades services’ reputation. Accordingly, many research works have been proposed to address the privacy issues of data analytics, but almost seem to be not suitable in big data context either in data types they support or in computation time efficiency. In this paper we propose a novel privacy-preserving cosine similarity computation protocol that will support both binary and numerical data types within an efficient computation time, and we prove its adequacy for big data high volume, high variety and high velocity.
  • Thumbnail Image
    Item
    Efficient CP-ABE Attribute/Key Management for IoT Applications
    (IEEE, 2015-10) Touati, Lyes; Challal, Yacine
    Ciphertext-Policy Attribute-Based Encryption (CP-ABE) is a promising cryptographic mechanism for fine-grained access control to shared data. Attribute/Key management is a keystone issue in CP-APE because of low efficiency of existing attribute revocation techniques. Indeed, existing solutions induce great side effect after each attribute revocation. The side effect induces rekeying and/or re-assignment of attributes to all users. In this paper, we propose a solution which does not require extra entities like proxies to re-encrypt data after every access policy change. Moreover, our solution does not imply latencies following access grants and revocations. We compare our solution with the batch-based CP-ABE attribute management technique and we show that our solution outperforms existing rekeying/revocation techniques in terms of overhead.
  • Thumbnail Image
    Item
    Activity-Based Access Control for IoT
    (ACM, 2015-09) Touati, Lyes; Challal, Yacine
    In traditional access control systems, a process is granted or not the access to a resource following a control on a single action without taking into consideration user and/or system context. In this paper we introduce a novel concept and a generalized version of context-aware access control in the Internet of Things that we name Activity Control. Our approach is aimed to be aware of the user’s context and the overall system’s one to make decision on granting or denying the requested action. To implement our concept we used a finite-state machine and the asymmetric encryption mechanism called Ciphertext-Policy Attribute-Based Encryption to achieve a real-time access policy adaptation following user’s and/or system’s context evolution.
  • Thumbnail Image
    Item
    eSKAMI: Efficient and Scalable multi-group Key management for Advanced Metering Infrastructure in Smart Grid
    (IEEE, 2015-08) Benmalek, Mourad; Challal, Yacine
    Advanced Metering Infrastructure (AMI) is composed of systems and networks for measuring, collecting, storing, analyzing, and exploiting energy usage related data. AMI is an enabling technology for Smart Grid (SG) and hence represents a privileged target for security attacks with potentially great damage against infrastructures and privacy. For this reason, security has been identified as one of the most challenging topics in AMI development, and designing an efficient Key Management Scheme (KMS) is one of first important steps. In this paper, we propose a new scalable and efficient key management scheme that we call Efficient and Scalable Multi-group Key Management (ESMKM) for secure data communications in an Advanced Metering Infrastructure. It is an efficient and scalable key management scheme that can support unicast, multicast and broadcast communications based on an efficient Multi-group Key graph technique. An analysis of security and performance, and a comparision of our scheme with recently proposed schemes show that our KMS can be used to reduce storage overhead (reduction reaches 87%) whithout increasing the communiction overhead.