Computationally Secure Oblivious Transfer

We describe new computationally secure protocols of 1-out-of-N oblivious transfer, k-out-of-N oblivious transfer, and oblivious transfer with adaptive queries. The protocols are very efficient compared with solutions based on generic two-party computation or on information-theoretic security. The 1-out-of-N oblivious transfer protocol requires only log N executions of a 1-out-of-2 oblivious transfer protocol. The k-out-of-N protocol is considerably more efficient than k repetitions of 1-out-of-N oblivious transfer, as is the construction for oblivious transfer with adaptive queries. The efficiency of the new oblivious transfer protocols makes them useful for many applications. A direct corollary of the 1-out-of-N oblivious transfer protocol is an efficient transformation of any Private Information Retrieval protocol to a Symmetric PIR protocol.     

Generic prediction assisted single-copy routing in underwater delay tolerant sensor networks

One challenge in delay tolerant networks (DTNs) is efficient routing, as the lack of contemporaneous end-to-end paths makes conventional routing schemes inapplicable. Although many DTN routing protocols have been proposed, they often have two limitations: many protocols are not mobility cognizant, so they only suit specific mobility models and become inefficient when the environment changes; some protocols employ multi-copy replication to accommodate mobility diversity for increased delivery probability or reduced delay, but they usually do not perform well in resource constrained networks. Due to the unique characteristics of underwater sensor networks (UWSNs), efficient DTN routing becomes even more challenging. In this paper, we propose a generic prediction assisted single-copy routing (PASR) scheme that can be instantiated for different mobility models. PASR first collects a short-duration trace with network connectivity information and employs an effective off-line greedy algorithm to characterize the underlying network mobility patterns, depict the features of best routing paths and provide guidance on how to use historical information. Then it instantiates prediction assisted single-copy online routing protocols based on the guidance. As a result, the instantiated protocols are energy efficient and cognizant of the underlying mobility patterns. We demonstrate the advantages of PASR in underwater sensor networks with various mobility models.     

LEAD: a methodology for learning efficient approaches to medical diagnosis.

Determining the most efficient use of diagnostic tests is one of the complex issues facing medical practitioners. With the soaring cost of healthcare, particularly in the US, there is a critical need for cutting costs of diagnostic tests, while achieving a higher level of diagnostic accuracy. This paper develops a learning based methodology that, based on patient information, recommends test(s) that optimize a suitable measure of diagnostic performance. A comprehensive performance measure is developed that accounts for the costs of testing, morbidity, and mortality associated with the tests, and time taken to reach diagnosis. The performance measure also accounts for the diagnostic ability of the tests. The methodology combines tools from the fields of data mining (rough set theory, in particular), utility theory, Markov decision processes (MDP), and reinforcement learning (RL). The rough set theory is used in extracting diagnostic information in the form of rules from the medical databases. Utility theory is used in bringing various nonhomogenous performance measures into one cost based measure. An MDP model together with an RL algorithm facilitates obtaining efficient testing strategies. The methodology is implemented on a sample problem of diagnosing solitary pulmonary nodule (SPN). The results obtained are compared with those from four alternative testing strategies. Our methodology holds significant promise to improve the process of medical diagnosis.     

Remote health monitoring of heart failure with data mining via CART method on HRV features

Disease management programs, which use no advanced information and computer technology, are as effective as telemedicine but more efficient because less costly. We proposed a platform to enhance effectiveness and efficiency of home monitoring using data mining for early detection of any worsening in patient's condition. These worsenings could require more complex and expensive care if not recognized. In this letter, we briefly describe the remote health monitoring platform we designed and realized, which supports heart failure (HF) severity assessment offering functions of data mining based on the classification and regression tree method. The system developed achieved accuracy and a precision of 96.39% and 100.00% in detecting HF and of 79.31% and 82.35% in distinguishing severe versus mild HF, respectively. These preliminary results were achieved on public databases of signals to improve their reproducibility. Clinical trials involving local patients are still running and will require longer experimentation.     

集合成员关系的安全多方计算及其应用

集合成员关系的安全多方计算在保密数据挖掘和保密数据查询等方面有着重要的应用价值.针对以往方案在集合规模较大时的低效问题,本文将原问题转化成多项式一次性求值问题,在此基础上共设计了四个协议.利用同态加密设计了平凡协议1;利用离散对数设计了高效协议2,此协议非常简洁.最后,针对不同的应用场景又分别设计了云计算环境下外包用户计算的协议3和抗抵赖环境下可公开保密判定的协议4.通过分析和比较显示,我们的方案除了集合的势,其余任何信息都没有泄露,并且在集合规模较大时,相比以往方案高效而简洁.     

New Approaches for Deniable Authentication

Deniable Authentication protocols allow a Sender to authenticate a message for a Receiver, in a way that the Receiver cannot convince a third party that such authentication (or any authentication) ever took place. We present two new approaches to the problem of deniable authentication. The novelty of our schemes is that they do not require the use of CCA-secure encryption (all previous known solutions did), thus showing a different generic approach to the problem of deniable authentication. These new approaches are practically relevant as they lead to more efficient protocols. In the process we point out a subtle definitional issue for deniability. In particular, we propose the notion of forward deniability, which requires that the authentications remain deniable even if the Sender wants to later prove that she authenticated a message. We show that a simulation-based definition of deniability, where the simulation can be computationally indistinguishable from the real protocol does not imply forward deniability. Thus, for deniability one needs to restrict the simulation to be perfect (or statistically close). Our new protocols satisfy this stricter requirement. A preliminary version of this paper appeared in the Proceedings of the 2005 ACM Conference on Computer and Communication Security. Work done while visiting the IBM T.J. Watson Research Center.     

Energy efficient routing in ad hoc disaster recovery networks

The terrorist attacks on September 11, 2001 have drawn attention to the use of wireless technology in order to locate survivors of structural collapse. We propose to construct an ad hoc network of wireless smart badges in order to acquire information from trapped survivors. We investigate the energy efficient routing problem that arises in such a network and show that since smart badges have very limited power sources and very low data rates, which may be inadequate in an emergency situation, the solution of the routing problem requires new protocols. The problem is formulated as an anycast routing problem in which the objective is to maximize the time until the first battery drains-out. We present iterative algorithms for obtaining the optimal solution of the problem. Then, we derive an upper bound on the network lifetime for specific topologies and describe a polynomial algorithm for obtaining the optimal solution in such topologies. Finally, numerical results regarding the upper bound and the algorithms are presented.     

一种分布环境中最大频繁项目集挖掘算法

挖掘最大频繁项目集是数据挖掘中的重要研究课题。目前已经提出的最大频繁项目集挖掘算法大多是基于单机环境的，在分布环境中挖掘最大频繁项目集的算法尚不多见。文章提出了一种基于分布数据库的并行挖掘最大频繁项目集的算法。该算法尽可能地让每个处理器独立地挖掘，采用频繁模式树（FP—tree）作为数据结构，可方便地从各局部FP-tree中挖掘局部最大频繁项目集及判断各项目集的支持度。采用传递候选最大频繁项目集的方法。实验表明该算法是有效的并行算法。     

一个保护私有信息的布尔关联规则挖掘算法

本文基于随机响应技术,提出了一种在保护隐私的关联规则挖掘中对数据进行伪装的方法;设计了在伪装的数据集上进行挖掘的算法;分析了算法的效率.实验结果表明,该算法在伪装的数据集上挖掘出的规则与原始规则相比,相对误差不超过2％,并给出了使得相对误差最小时相关参数的取值.     

Mapping of Trellises Associated with General Encoders onto High-Performance VLSI Architectures

A rate 1/n binary generic convolutional encoder is a shift-register circuit where the inputs are information bits and the outputs are blocks of n bits generated as linear combinations on the appropriate shift register contents. The decoding of the outputs of a convolutional encoder can be carried out by the well-known Viterbi algorithm. The communication pattern of the Viterbi Algorithm is given as a graph, called trellis, associated to the state diagram of the corresponding encoder. In this paper we present a methodology that permits the efficient mapping of the Viterbi algorithm onto a column of an arbitrary number of processors. This is done through the representation of the data flow by using mathematical operators which present an inmediate hardware projection. A single operator string has been obtained to represent a generic encoder through the study of the data flow of free-forward encoders and feed-back encoders. The formal model developed is employed for the partitioning of the computations among an arbitrary number of processors in such a way that the data are recirculated opimizing the use of the processors and the communications. As a result, we obtain a highly regular and modular architecture suitable for VLSI implementation.     

BIIR: A Beacon Information Independent VANET Routing Algorithm with Low Broadcast Overhead

Most of the existing VANET routing protocols rely on information collected from beacons for making routing decisions such as next neighbor selection. Beacons are very small size hello messages that each vehicle broadcasts periodically. Owing to very small payload size of beacons as compared to the payload size of a data message, they can easily pass through even very weak links, through which a data message could never pass. Therefore, the use of beacon information for making routing decisions in a highly dynamic scenario such as VANETs may cause selection of routes through which data message can never be sent. Several researchers have given solutions that do not use beacon information for making routing decisions. But most of these solutions incorporate a large number of broadcasts to forward the data packets, causing wastage of bandwidth. In this paper, we present a beacon information independent geographic routing algorithm called BIIR, which reduces the number of broadcasts to forward the data packets by making intelligent use of information collected by the vehicle during previous route discovery attempts for a destination. Our simulation results have shown that the proposed algorithm outperforms the existing beacon less routing protocols in terms of the average number of broadcasts per data packet forwarding, packet delivery ratio and end to end delay experienced by the data messages.     

Robust Information-Theoretic Private Information Retrieval

An information-theoretic private information retrieval (PIR) protocol allows a user to retrieve a data item of its choice from a database replicated amongst several servers, such that each server gains absolutely no information on the identity of the item being retrieved. One problem with this approach is that current systems do not guarantee availability of servers at all times for many reasons, e.g., crash of server or communication problems. In this work we design robust PIR protocols, i.e., protocols which still work correctly even if only some servers are available during the protocol's operation. We present various robust PIR protocols giving different tradeoffs between the different parameters. We first present a generic transformation from regular PIR protocols to robust PIR protocols. We then present two constructions of specific robust PIR protocols. Finally, we construct robust PIR protocols which can tolerate Byzantine servers, i.e., robust PIR protocols which still work in the presence of malicious servers or servers with a corrupted or obsolete database.     

Genetic algorithms for finite mixture model based voxel classification in neuroimaging

Finite mixture models (FMMs) are an indispensable tool for unsupervised classification in brain imaging. Fitting an FMM to the data leads to a complex optimization problem. This optimization problem is difficult to solve by standard local optimization methods, such as the expectation-maximization (EM) algorithm, if a principled initialization is not available. In this paper, we propose a new global optimization algorithm for the FMM parameter estimation problem, which is based on real coded genetic algorithms. Our specific contributions are two-fold: 1) we propose to use blended crossover in order to reduce the premature convergence problem to its minimum and 2) we introduce a completely new permutation operator specifically meant for the FMM parameter estimation. In addition to improving the optimization results, the permutation operator allows for imposing biologically meaningful constraints to the FMM parameter values. We also introduce a hybrid of the genetic algorithm and the EM algorithm for efficient solution of multidimensional FMM fitting problems. We compare our algorithm to the self-annealing EM-algorithm and a standard real coded genetic algorithm with the voxel classification tasks within the brain imaging. The algorithms are tested on synthetic data as well as real three-dimensional image data from human magnetic resonance imaging, positron emission tomography, and mouse brain MRI. The tissue classification results by our method are shown to be consistently more reliable and accurate than with the competing parameter estimation methods.     

一种不产生候选集的最大频繁集快速挖掘算法

发现最大频繁(项目)集是关联规则挖掘中的重要问题。提出一个基于频繁模式树FP—Tree(Frequent Pattern Tree)的快速发现最大频繁项目集算法MFP—growth(Maximum Frequent Pattern growth)，其发现过程中不需要产生候选(项目)集，从而提高了挖掘效率。由实验结果表明，此算法在发现最大频繁项目集方面具有很好的性能。     

基于SECUNIA漏洞库的数据挖掘算法研究

信息安全关系到一个国家政治、经济和文化各个层面的发展。漏洞往往是引起信息安全事件的重要因素。利用数据挖掘技术,可以从大量的数据中提取出潜在的有用信息和知识。先简要介绍信息安全漏洞库和数据挖掘的相关概念,并针对Secunia漏洞库研究建立关联分析的数据挖掘过程,分析出漏洞和软件间的关联规则,为信息安全漏洞分析提供了参考。     

A slotted access control protocol for metropolitan WDM ring networks

In this study we focus on the serious scalability problems that many access protocols for WDM ring networks introduce due to the use of a dedicated wavelength per access node for either transmission or reception. We propose an efficient slotted MAC protocol suitable for WDM ring metropolitan area networks. The proposed network architecture employs a separate wavelength for control information exchange prior to the data packet transmission. Each access node is equipped with a pair of tunable transceivers for data communication and a pair of fixed tuned transceivers for control information exchange. Also, each access node includes a set of fixed delay lines for synchronization reasons; to keep the data packets, while the control information is processed. An efficient access algorithm is applied to avoid both the data wavelengths and the receiver collisions. In our protocol, each access node is capable of transmitting and receiving over any of the data wavelengths, facing the scalability issues. Two different slot reuse schemes are assumed: the source and the destination stripping schemes. For both schemes, performance measures evaluation is provided via an analytic model. The analytical results are validated by a discrete event simulation model that uses Poisson traffic sources. Simulation results show that the proposed protocol manages efficient bandwidth utilization, especially under high load. Also, comparative simulation results prove that our protocol achieves significant performance improvement as compared with other WDMA protocols which restrict transmission over a dedicated data wavelength. Finally, performance measures evaluation is explored for diverse numbers of buffer size, access nodes and data wavelengths.     

Robust and Efficient Sharing of RSA Functions

We present two efficient protocols which implement robust threshold RSA signature schemes, where the power to sign is shared by N players such that any subset of T+1 or more signers can collaborate to produce a valid RSA signature on any given message, but no subset of T or less corrupted players can forge a signature. Our protocols are robust in the sense that the correct signature is computed even if up to T players behave in an arbitrarily malicious way during the signature protocol. This, in particular, includes the cases of players who refuse to participate or who introduce erroneous values into the computation. Our robust protocols achieve optimal resiliency as they can tolerate up to (N-1)/2 faults, and their efficiency is comparable with the efficiency of the underlying threshold RSA signature scheme. Our protocols require RSA moduli which are the product of two safe primes, and that the underlying (centralized) RSA signature scheme is unforgeable. Our techniques also apply to the secure sharing of the RSA decryption function. We show that adding robustness to the existing threshold RSA schemes reduces to solving the problem of how to verify an RSA signature without a public verification Received 21 March 1997 and revised 28 September 1999     

Trapdoor Hard-to-Invert Group Isomorphisms and Their Application to Password-Based Authentication

In the security chain the weakest link is definitely the human one: human beings cannot remember long secrets and often resort to rather insecure solutions to keep track of their passwords or pass-phrases. For this reason it is very desirable to have protocols that do not require long passwords to guarantee security, even in the case in which exhaustive search is feasible. This is actually the goal of password-based key exchange protocols, secure against off-line dictionary attacks: two people share a password (possibly a very small one, say a 4-digit number), and after the protocol execution, they end up sharing a large secret session key (known to both of them, but nobody else). Then an adversary attacking the system should try several connections (on average 5000 for the above short password) in order to be able to get the correct password. Such a large number of erroneous connections can be prevented by various means. Our results can be highlighted as follows. First we define a new primitive that we call trapdoor hard-to-invert group isomorphisms, and give some candidates. Then we present a generic password-based key exchange construction that admits a security proof assuming that these objects exist. Finally, we instantiate our general scheme with some concrete examples, such as the Diffie-Hellman function and the RSA function, but more interestingly the modular square-root function, which leads to the first scheme with security related to the integer factorization problem. Furthermore, the latter variant is very efficient for one party (the server). Our results hold in the random-oracle model.     

自适应模糊决策树算法在数据流挖掘中的应用

在网络的许多应用中数据是以流的形式存在的,例如网络流、传感器数据,以及网页点击流等,分析和挖掘这类数据,可以发现某中有价值的信息。在此,针对数据流挖掘算法中出现的一些问题（如概念漂移问题）,提出了一种自适应模糊决策树的优化算法。该算法对于解决处理数据流概念中的漂移问题有较好的效果。