Information Systems Security: 19th International Conference, ICISS 2023, Raipur, India, December 16–20, 2023, Proceedings (Lecture Notes in Computer Science)

Preface
Organization
Abstracts of Invited Talks and Tutorials
	hinTS: Threshold Signatures with Silent Setup
	How to Train and Use AI Models on Sensitive Data without Compromising Privacy?
	Follow the Money
	Covert & Side Stories: Threats Evolution in Traditional and Modern Technologies
	Overview of Applications of Machine Learning in Encrypted Traffic Analysis for Cyber Security
	Osquery: A Tool for System Visibility and Threat Hunting
	Data Anonymization Techniques
	Contents
Systems Security
A Security Analysis of Password Managers on Android
	1 Introduction
	2 Background
		2.1 Password Managers
		2.2 Related Work
	3 Analysed Password Managers
	4 Password Generation
		4.1 Collecting Passwords
		4.2 Observations
	5 Vault and Metadata Storage
		5.1 Biometric Authentication and root
	6 Autofill
	7 Other Security Issues
	8 Discussion
		8.1 Recommendations
		8.2 Scope for Future Work
	9 Conclusion
	References
The Design and Application of a Unified Ontology for Cyber Security
	1 Introduction
	2 Background
		2.1 Semantic Web Technologies
		2.2 Data Sources
	3 Ontological Design
		3.1 WAVED: Unified Ontology
	4 Querying Ontology for Security Insights
		4.1 Simple Queries
		4.2 Advanced Queries
	5 Related Work
	6 Limitations and Future Work
	7 Conclusion
	References
Big Data Forensics on Apache Kafka
	1 Introduction
	2 Related Work
	3 Architectural Overview on Apache Kafka
		3.1 Data Placement Strategy in Kafka
	4 Kafka Forensics
		4.1 Methodological Approach
		4.2 Data of Interest
		4.3 Kafka Storage Internals
	5 Data Security
		5.1 Encryption in Transit
		5.2 Encryption at Rest
	6 Data Removal in Kafka
		6.1 Data Retention
		6.2 Limited Capabilities for Targeted Deletion
	7 Autopsy Module
	8 Conclusion
	References
A Survey on Security Threats and Mitigation Strategies for NoSQL Databases
	1 Introduction
	2 Literature Survey
	3 Attack Incidences on NoSQL Databases
	4 NOSQL Security Breaches
		4.1 NoSQL Injection Vulnerabilities
		4.2 Absence of Strong Authentication and Authorization
		4.3 Insecure REST API
		4.4 Vulnerable Database Access Security
		4.5 Meow Attack
	5 NOSQL Attacks – Prevention and Mitigation
		5.1 Enable Access Control and Authentication
		5.2 Enable Collection/Document Level Access
		5.3 Output Encoding
		5.4 Query Sanitizations
		5.5 Data Masking Techniques
		5.6 Ensure the REST API Security.
		5.7 Use Strong Network Security and Encryption Techniques
		5.8 Prevention of Meow Attack
	6 Conclusion
	References
Theoretical Enumeration of Deployable Single-Output Strong PUF Instances Based on Uniformity and Uniqueness Constraints
	1 Introduction
	2 Background
		2.1 Related Works and Motivation
		2.2 PUF Performance Metrics
	3 Enumeration of Deployable PUF Instances Based on Uniformity and Uniqueness
		3.1 PUF Instances with Ideal Uniformity
		3.2 PUF Instances with Uniformity in the Range [0.50-,0.50+]
		3.3 PUF Instances Having Ensemble Uniqueness = 0.50
		3.4 PUF Instances with Uniqueness In Range [0.50 -, 0.50 + ]
		3.5 PUF Instances Each with Uniformity = 0.50 and Ensemble Uniqueness = 0.50
		3.6 PUF Instances Each with Uniformity 0.50 and Ensemble Uniqueness in the Range [0.50 -, 0.50 + ]
	4 Discussions
	5 Conclusions
	References
Network Security
Detection and Hardening Strategies to Secure an Enterprise Network
	1 Introduction
	2 Related Work
	3 Background
		3.1 CVE
		3.2 MITRE ATT&CK
		3.3 MITRE D3FEND
		3.4 Mappings
	4 Attack Modeling
		4.1 Attack Graph
		4.2 Tool: XploitMAP
	5 Methodology
		5.1 Hardening Defense
		5.2 Detection Defense
		5.3 Algorithm
	6 Practical Example
	7 Discussion
	8 Conclusion
	References
Attack Graph Based Security Metrics for Dynamic Networks
	1 Introduction
	2 Related Works
	3 Temporal Graphs
	4 Temporal Metrics
		4.1 Path Based Temporal Metrics
	5 Attack Graph
	6 Temporal Attack Graph
		6.1 A Motivating Example
		6.2 Temporal Attack Paths
		6.3 Simplifying Assumption
	7 Temporal Metrics for Temporal Attack Graphs
		7.1 Characteristic Temporal Attack Path Length
	8 Results and Discussions
		8.1 Generating Temporal Attack Graphs
		8.2 Pre-processing of Temporal Attack Graph
		8.3 Importing Data into Neo4j
		8.4 Temporal Attack Graph of Three Time Windows
		8.5 Discussion
	9 Conclusion
	10 Future Work
	References
An Energy-Conscious Surveillance Scheme for Intrusion Detection in Underwater Sensor Networks Using Tunicate Swarm Optimization
	1 Introduction
	2 Related Works
	3 Preliminaries
		3.1 Node Sensing and Distribution Model
		3.2 Tunicate Swarm Optimization Algorithm
	4 Energy Conscious a Single Beacon Node-Based Intrusion Detection Mechanism for IoUT Application
		4.1 Precise Detection of the Intruder Node Through the Calculation of Spatial Coordinates
	5 Simulation Analysis
	6 Conclusion
	References
Security Using AI/ML
STN-Net: A Robust GAN-Generated Face Detector
	1 Introduction
	2 Related Works
	3 Proposed Methodology
		3.1 Preprocessing
		3.2 Sine-Transformed Noise
		3.3 Classifier
	4 Experimental Results and Analysis
		4.1 Solution Models
		4.2 Dataset
		4.3 Settings
		4.4 Performance Evaluation
		4.5 Performance Comparison with Other Solutions
		4.6 Performance in the Context of OSN
		4.7 Performance in the Context of JPEG Compression
		4.8 Generalization Performance
	5 Concluding Remarks
	References
MDLDroid: Multimodal Deep Learning Based Android Malware Detection
	1 Introduction
	2 Related Work
		2.1 Static Analysis Techniques
		2.2 Deep Learning Based Approaches
		2.3 Dynamic Analysis Techniques
		2.4 Multi-modal Learning
	3 MDLDroid: The Proposed Malware Detection Technique
		3.1 Feature Extraction
		3.2 Feature Vector Generation
		3.3 MDLDroid Model
	4 Experimental Analysis
		4.1 Data Collection
	5 Conclusion
	References
A Cycle-GAN Based Image Encoding Scheme for Privacy Enhanced Deep Neural Networks
	1 Introduction
	2 Related Works
	3 Cycle-GAN Image Transformation Formulation
		3.1 Overview
		3.2 Non-sensitive Feature Loss
		3.3 Non-sensitive Feature Loss Objective
		3.4 Distortion Loss
		3.5 Distortion Loss Objective
		3.6 Adversarial Loss
		3.7 Cycle Consistency Loss
		3.8 Cycle-GAN Encoding Full Objective
	4 Methods
		4.1 Dataset
		4.2 Network Architecture
		4.3 Training Procedure
	5 Evaluation
		5.1 Evaluating Privacy/Utility Trade-Off
		5.2 Evaluating Robustness to Attacks
	6 Conclusion
	References
Secure KNN Computation on Cloud
	1 Introduction
	2 Background
	3 Related Work
	4 System Model
	5 Proposed Scheme
		5.1 Correctness Analysis
		5.2 Security Analysis
	6 Performance Evaluation
		6.1 Computation Cost
		6.2 Communication Cost
	7 Empirical Evaluation
		7.1 Experiment Setup
		7.2 Experiments Performed
	8 Conclusion
	References
A Multi-stage Multi-modal Classification Model for DeepFakes Combining Deep Learned and Computer Vision Oriented Features
	1 Introduction
	2 Proposed Multi-stage Multi-modal DeepFake Video Identification
		2.1 Feature Extraction Module
		2.2 Feature Based Classification
		2.3 Deep Learning-Based Classification
	3 Experiments and Results
		3.1 Data Preprocessing
		3.2 Feature Extraction
		3.3 Fake Video Detection and Source Classification
	4 Conclusion
	References
Privacy
Security and Privacy in Machine Learning
	1 Introduction
		1.1 Data Protection At-Rest and In-Transit
		1.2 Data Protection for Machine Learning Tasks
		1.3 Security and Privacy Techniques
		1.4 Organization
	2 ML Security and Privacy Goals
		2.1 Security Goals
		2.2 Privacy Goals
	3 Techniques for Security and Privacy
		3.1 Security Techniques
		3.2 Privacy Techniques
	4 Secure Computation for Machine Learning
		4.1 Inference
		4.2 Evaluation
		4.3 Training
	5 Conclusion
	References
Attack on the Privacy-Preserving Carpooling Service TAROT
	1 Introduction
		1.1 Threat Model
		1.2 Our Contribution
		1.3 Outline of the Paper
	2 GMEDA - Privacy-Preserving Equality Determination Algorithm
		2.1 TAROT
		2.2 GMEDA
		2.3 Attack on GMEDA (Attack-1)
		2.4 A More Efficient Attack on GMEDA (Attack-2)
	References
Democracy in Your Hands!: Practical Multi-key Homomorphic E-Voting
	1 Introduction
	2 System Model and Threat Model
	3 Encrypted Voting Framework Implementation
		3.1 Key Generation Phase
		3.2 Voter Registration Phase
		3.3 Voter Verification Phase
		3.4 Vote Casting Phase
		3.5 Automated Vote Counting Phase
		3.6 Result Deciphering Phase
	4 Result Analysis
	5 Conclusion
	References
Cryptography
Secured Collaboration with Ciphertext Policy Attribute Based Signcryption in a Distributed Fog Environment for Medical Data Sharing
	1 Introduction
	2 Literature Review
	3 Proposed Methodology
		3.1 Preliminaries
		3.2 Architecture Overview
		3.3 System Description
		3.4 System Design
	4 Security Proof
	5 Performance Evaluation
	6 Conclusion
	References
Verifiable Timed Accountable Subgroup Multi-signatures
	1 Introduction
	2 Preliminaries
		2.1 Accountable Subgroup Multi-signatures (ASM)
		2.2 Verifiable Timed Commitments (VTC)
		2.3 Security Requirements
	3 Proposed Schemes
		3.1 Modified Accountable Subgroup Multi-signature Scheme (mASM)
		3.2 VTC with mASM (VT-MASM)
	4 Performance Evaluation
	5 Conclusion and Future Work
	References
Escrow and Pairing Free CP-ABE Scheme with Forward and Backward Secrecy for Healthcare Internet of Things
	1 Introduction
	2 Related Work
	3 The Proposed EPFCS System and Threat Model
	4 The Proposed EPFCS
	5 Security and Performance Analysis
		5.1 Security Analysis
		5.2 Performance Analysis
	6 Conclusions and Future Works
	References
Blockchains
Ensuring Data Security in the Context of IoT Forensics Evidence Preservation with Blockchain and Self-Sovereign Identities
	1 Introduction
	2 Background
		2.1 Self-Sovereign Identities
		2.2 Relationship with Blockchain Technology
		2.3 Use of Agents
	3 Related Work
	4 System Overview
		4.1 Definition of Tools and Technologies
		4.2 Gateway-Based Approach for Constrained IoT Devices
		4.3 Use Case in Evidence Preservation
		4.4 Security Considerations
	5 Experiments, Results, and Analysis
		5.1 Implementation
		5.2 Results and Analysis
	6 Conclusion
	References
Analysis of Optimal Number of Shards Using ShardEval, A Simulator for Sharded Blockchains
	1 Introduction
	2 Background and Related Work
	3 Architecture of ShardEval
		3.1 Framework
		3.2 Network Components
		3.3 Functional Components
	4 Simulator Workflow
		4.1 Network Configuration
		4.2 Transactions and Tx-Blocks Generation
		4.3 Voting on Tx-Blocks
		4.4 Mini-Blocks Generation
		4.5 Consensus by Principal Committee
		4.6 Blocks Generation
	5 Analysis on Optimal Number of Shards
		5.1 Computation of Delay and Throughput
		5.2 Variation with Change in Number of Shards
		5.3 Optimal Shard Value for a Fixed Cross-Shard Transaction Ratio
	6 Simulations and Observations
		6.1 TPS Versus Number of Shards
		6.2 TPS Versus Fraction of Cross-Shard Transactions
	7 Optimization Using Lookup Table
		7.1 Probabilistic Modeling of Lookup Table
		7.2 Observations
	8 Conclusions
	References
SoK: Digital Signatures and Taproot Transactions in Bitcoin
	1 Introduction
	2 Digital Signatures Used in Bitcoin
		2.1 ECC in Bitcoin
		2.2 ECDLP and ECDSA
	3 Implementation of ECDSA in Bitcoin
		3.1 Encoding of Keys and Signature
		3.2 Transactions Using ECDSA
		3.3 Issues in ECDSA
	4 Schnorr Signatures
		4.1 Comparison Between ECDSA and Schnorr Signature
		4.2 Features of Schnorr Signature
		4.3 Encoding of Keys and Signature
	5 Taproot
		5.1 Transactions Using Schnorr Signature
		5.2 Script Tree
		5.3 Spending Taproot Input
		5.4 Use of Schnorr Signature in Multisignature Transactions
		5.5 Security and Privacy in Schnorr Signature
	6 Conclusion and Future Work
	References
BCTPV-NIZK: Publicly-Verifiable Non-interactive Zero-Knowledge Proof System from Minimal Blockchain Assumptions
	1 Introduction
		1.1 Motivations
		1.2 Contributions
	2 Background
		2.1 Blockchain Protocols
		2.2 Publicly-Verifiable Randomness
		2.3 Publicly-Verifiable WIP (PV-WIP)
		2.4 NIZK System
	3 Proposed BCTPV-NIZK System
	4 Formal Proofs
		4.1 Completeness
		4.2 Soundness
		4.3 Zero Knowledge
	5 A Note on Blockchain Collapse
	6 Experiments
	7 Conclusion
	References
Proof-of-Variable-Authority: A Blockchain Consensus Mechanism for Securing IoT Networks
	1 Introduction
	2 Motivation
	3 Background
	4 Design
		4.1 Registration
		4.2 Broadcasting and Verification
	5 Security Aspects
	6 Implementation
		6.1 Proof-of-Concept
		6.2 Geth Implementation
	7 Performance Analysis
	8 Conclusion
	References
An Efficient Two-Party ECDSA Scheme for Cryptocurrencies
	1 Introduction
	2 Preliminaries
		2.1 Threshold Signature
		2.2 Security Model
	3 Our Proposed Scheme
		3.1 Technical Overview of Construction
		3.2 Proof of Correctness
		3.3 Construction
		3.4 Security Proof
	4 Experiments
	5 Efficiency Comparison
		5.1 Efficient ECDSA Semi-aggregation Property
		5.2 Extension to General (t,n) Threshold Scheme
	6 Conclusion
	References
Secure Smart Grid Data Aggregation Based on Fog Computing and Blockchain Technology
	1 Introduction
		1.1 Contributing Features
	2 Related Work
	3 Proposed Scheme Methodology
	4 Performance Analysis
		4.1 System Configuration, Tools and Platform
		4.2 Theoretical Implementation Analysis
		4.3 Practical Implementation Analysis
		4.4 Experimental Execution
	5 Outlook and Conclusion
	References
Crypto-Ransomware Detection: A Honey-File Based Approach Using Chi-Square Test
	1 Introduction
	2 Problem Statement
	3 Literature Survey
		3.1 Detection Using Honeypots
		3.2 Network Analysis
		3.3 File Analysis
	4 Proposed Design
		4.1 Honeypot
		4.2 Entropy Montoring
		4.3 Integration
		4.4 Optimisations
	5 Experimental Results
		5.1 Chi-Square Analysis
	6 Design-Based Comparison with Existing Solutions
		6.1 R-Locker
		6.2 Data Aware Defence
		6.3 Design Comparison
	7 Conclusion
	References
PSDP: Blockchain-Based Computationally Efficient Provably Secure Data Possession
	1 Introduction
		1.1 Related Work
		1.2 Contribution
	2 System and Protocol Model
	3 Provable Data Possession Based on Blockchain
	4 Construction of Data Possession Scheme
		4.1 Proof of Correctness
	5 Conclusion
	References
Private and Verifiable Inter-bank Transactions and Settlements on Blockchain
	1 Introduction
	2 Related Work
	3 Preliminaries: BLS Signature
	4 Proposed Protocol
		4.1 Solution Setup
		4.2 Inter Bank Fund Transfer Transaction Flow
		4.3 Private Settlement Between Banks
	5 Results
		5.1 Performances
	6 Conclusion and Future Works
	References
Author Index