This paper discusses the resilience of networks based on graph theory and stochastic process. The electric power network where edges may fail simultaneously and the performance of the network is measured by the ratio of connected nodes is supposed for the target network. For the restoration, under the constraint that the resources are limited, the failed edges are repaired one by one, and the order of the repair for several failed edges is determined with the priority to the edge that the amount of increasing system performance is the largest after the completion of repair. Two types of resilience are discussed, one is resilience in the recovery stage according to the conventional definition of resilience and the other is steady state operational resilience considering the long-term operation in which the network state changes stochastically. The second represents a comprehensive capacity of resilience for a system and is analytically derived by Markov analysis. We assume that the large-scale disruption occurs due to the simultaneous failure of edges caused by the common cause failures in the analysis. Marshall-Olkin type shock model and α factor method are incorporated to model the common cause failures. Then two resilience measures, “operational resilience” and “operational resilience in recovery stage” are proposed. We also propose approximation methods to obtain these two operational resilience measures for complex networks.

In this paper, we construct the first efficient leakage-resilient CCA2 (LR-CCA2)-secure attribute-based encryption (ABE) schemes. We also construct the first efficient LR-CCA2-secure identity-based encryption (IBE) scheme with optimal leakage rate. To obtain our results, we develop a new quasi-adaptive non-interactive zero-knowledge (QA-NIZK) argument for the ciphertext consistency of the LR-CPA-secure schemes. Our ABE schemes are obtained by boosting the LR-CPA-security of some existing schemes to the LR-CCA2-security by using our QA-NIZK arguments. The schemes are almost as efficient as the underlying LR-CPA-secure schemes.

While websites are becoming more and more complex daily, the difficulty of managing them is also increasing. It is important to conduct regular maintenance against these complex websites to strengthen their security and improve their cyber resilience. However, misconfigurations and vulnerabilities are still being discovered on some pages of websites and cyberattacks against them are never-ending. In this paper, we take the novel approach of applying the concept of security governance to websites; and, as part of this, measuring the consistency of software settings and versions used on these websites. More precisely, we analyze multiple web pages with the same domain name and identify differences in the security settings of HTTP headers and versions of software among them. After analyzing over 8,000 websites of popular global organizations, our measurement results show that over half of the tested websites exhibit differences. For example, we found websites running on a web server whose version changes depending on access and using a JavaScript library with different versions across over half of the tested pages. We identify the cause of such governance failures and propose improvement plans.

In this paper, we propose a new leakage-resilient identity-based encryption (IBE) scheme that is secure against chosen-ciphertext attacks (CCA) in the bounded memory leakage model. The security of our scheme is based on the external k-Linear assumption. It is the first CCA-secure leakage-resilient IBE scheme which does not depend on q-type assumptions. The leakage rate 1/10 is achieved under the XDLIN assumption (k=2).

A key-order preserving structured overlay network is a class of structured overlay network that preserves, in its structure, the order of keys to support efficient range queries. This paper presents a novel key-order preserving structured overlay network “Suzaku”. Similar to the conventional Chord#, Suzaku uses a periodically updated finger table as a routing table, but extends its uni-directional finger table to bi-directional, which achieves ⌈log2 n⌉-1 maximum lookup hops in the converged state. Suzaku introduces active and passive bi-directional finger table update algorithms for node insertion and deletion. This method maintains good lookup performance (lookup hops increase nearly logarithmically against n) even in churn situations. As well as its good performance, the algorithms of Suzaku are simple and easy to implement. This paper describes the principles of Suzaku, followed by simulation evaluations, in which it showed better performance than the conventional networks, Chord# and Skip Graph.

In this paper, we propose a method to construct a scalable sensor data stream delivery system that guarantees the specified delivery quality of service (i.e., total reachability to destinations), even when delivery server resources (nodes) are in a heterogeneous churn situation. A number of P2P-based methods have been proposed for constructing a scalable and efficient sensor data stream system that accommodates different delivery cycles by distributing communication loads of the nodes. However, no existing method can guarantee delivery quality of service when the nodes on the system have a heterogeneous churn rate. As an extension of existing methods, which assign relay nodes based on the distributed hashing of the time-to-deliver, our method specifies the number of replication nodes, based on the churn rate of each node and on the relevant delivery paths. Through simulations, we confirmed that our proposed method can guarantee the required reachability, while avoiding any increase in unnecessary resource assignment costs.

In this paper, we propose the first identity-based dynamic multi-cast key distribution (ID-DMKD) protocol which is secure against maximum exposure of secret information (e.g., secret keys and session-specific randomness). In DMKD protocols, users share a common session key without revealing any information of the session key to the semi-honest server, and can join/leave to/from the group at any time even after establishing the session key. Most of the known DMKD protocols are insecure if some secret information is exposed. Recently, an exposure resilient DMKD protocol was introduced, however, each user must manage his/her certificate by using the public-key infrastructure. We solve this problem by constructing the DMKD protocol authenticated by user's ID (i.e., without certificate). We introduce a formal security definition for ID-DMKD by extending the previous definition for DMKD. We must carefully consider exposure of the server's static secret key in the ID-DMKD setting because exposure of the server's static secret key causes exposure of all users' static secret keys. We prove that our protocol is secure in our security model in the standard model. Another advantage of our protocol is scalability: communication and computation costs of each user are independent from the number of users. Furthermore, we show how to extend our protocol to achieve non-interactive join by using certificateless encryption. Such an extension is useful in applications that the group members frequently change like group chat services.

Threats to a society and its social infrastructure are inevitable and endanger human life and welfare. Resilience is a core concept to cope with such threats in strengthening risk management. A resilient system adapts to an incident in a timely manner before it would result in a failure. This paper discusses the secondary use of personal data as a key element in such conditions and the relevant process mining in order to reduce IT risk on safety. It realizes completeness for such a proof on data breach in an acceptable manner to mitigate the usability problem of soundness for resilience. Acceptable soundness is still required and realized in our scheme for a fundamental privacy-enhancing trust infrastructure. Our proposal achieves an IT baseline protection and properly treats personal data on security as Ground Truth for deriving acceptable statements on data breach. An important role plays reliable broadcast by means of the block chain. This approaches a personal IT risk management with privacy-enhancing cryptographic mechanisms and Open Data without trust as belief in a single-point-of-failure. Instead it strengthens communities of trust.

The development of multi-view video has paved the way for emerging 3D applications. In general multi-view video streaming, video frames for all viewpoints, i.e., cameras, must be transmitted to viewers because the view-switching demands of all viewers are unpredictable. However, existing transmission schemes are highly vulnerable to frame loss. Specifically, frame loss in one viewpoint can induce a collapse in decoding for other viewpoints. To improve loss-resilience, this paper proposes a multi-path based multi-view video transmission scheme. Our scheme encodes video frames into multiple versions that are independent of each other, using inter-view prediction. The scheme then transmits each version using multiple transmission paths. Our scheme makes three contributions: 1) it reduces video traffic even for a large number of cameras, 2) it prevents an increase in the number of undecoded video frames caused by single-frame loss, and 3) it conceals frame loss by taking video frames from other paths. Evaluations show that our proposed scheme improves video quality by 3 dB, as compared to existing transmission schemes in loss-prone environments.

With the scaling of technology, nanoscale CMOS integrated circuits are becoming more sensitive to single event double node upsets induced by charge sharing. A novel highly robust hardened latch design is presented that is fully resilient to single event double node upsets and single node upsets. The proposed latch employs multiple redundant C-elements to form a dual interlocked structure in which the redundant C-elements can bring the affected nodes back to the correct states regardless of the energy of the striking particle. Detailed HSPICE results confirm that the proposed latch features complete resilience to double node upsets and achieves an improved trade-off in terms of robustness, area, delay and power in comparison with previous latches. Extensive Monte Carlo simulations validate the proposed latch features as less sensitive to process, supply voltage and temperature variations.

Video quality generally suffers from packet losses caused by an unreliable channel when video is transmitted over an error-prone wireless channel. This quality degradation is the main reason that a video compression encoder uses error-resilient coding to deal with the high packet-loss probability. The use of adequate error resilience can mitigate the effects of channel errors, but the coding efficiency for bit reduction will be decreased. On the other hand, H.264/AVC uses multiple reference frame (MRF) motion compensation for a higher coding efficiency. However, an increase in the number of reference frames in the H.264/AVC encoder has been recently observed, making the received video quality worse in the presence of transmission errors if the cyclic intra-refresh is used as the error-resilience method. This is because the reference-block selection in the MRF chooses blocks on the basis of the rate distortion optimization, irrespective of the intra-refresh coding. In this paper, a new error-resilient reference selection method is proposed to provide error resilience for MRF based motion compensation. The proposed error-resilient reference selection method achieves an average PSNR enhancement up to 0.5 to 2dB in 10% packet-loss-ratio environments. Therefore, the proposed method can be valuable in most MRF-based interactive video encoding system, which can be used for video broadcasting and mobile video conferencing over an erroneous network.

Multi-view video streaming plays an important role in new interactive and augmented video applications such as telepresence, remote surgery, and entertainment. For those applications, interactive multi-view video transmission schemes have been proposed that aim to reduce the amount of video traffic. Specifically, these schemes only encode and transmit video frames, which are potentially displayed by users, based on periodical feedback from the users. However, existing schemes are vulnerable to frame loss, which often occurs during transmissions, because they encode most video frames using inter prediction and inter-view prediction to reduce traffic. Frame losses induce significant quality degradation due to the collapse of the decoding operations. To improve the loss resilience, we propose an encoding/decoding system, Frame Popularity-based Multi-view Video Streaming (FP-MVS), for interactive multi-view video streaming services. The main idea of FP-MVS is to assign intra (I) frames in the prediction structure for less/more popular (i.e., few/many observed users) potential frames in order to mitigate the impact of a frame loss. In addition, FP-MVS utilizes overlapping and non-overlapping areas between all user's potential frames to prevent redundant video transmission. Although each intra-frame has a large data size, the video traffic can be reduced within a network constraint by combining multicast and unicast for overlapping and non-overlapping area transmissions. Evaluations using Joint Multi-view Video Coding (JMVC) demonstrated that FP-MVS achieves higher video quality even in loss-prone environments. For example, our scheme improves video quality by 11.81dB compared to the standard multi-view video encoding schemes at the loss rate of 5%.

Audio hashing has been successfully employed for protection, management, and indexing of digital music archives. For a reliable audio hashing system, improving hash matching accuracy is crucial. In this paper, we try to improve a binary audio hash matching performance by utilizing auxiliary information, resilience mask, which is obtained while constructing hash DB. The resilience mask contains reliability information of each hash bit. We propose a new type of resilience mask by considering spectrum scaling and additive noise distortions. Experimental results show that the proposed resilience mask is effective in improving hash matching performance.

Peer-to-peer (P2P) networks have attracted increasing attention in the distribution of large-volume and frequently accessed content. In this paper, we mainly consider the problem of key leakage in secure P2P content distribution. In secure content distribution, content is encrypted so that only legitimate users can access the content. Usually, users (peers) cannot be fully trusted in a P2P network because malicious ones might leak their decryption keys. If the redistribution of decryption keys occurs, copyright holders may incur great losses caused by free riders who access content without purchasing it. To decrease the damage caused by the key leakage, the individualization of encrypted content is necessary. The individualization means that a different (set of) decryption key(s) is required for each user to access content. In this paper, we propose a P2P content distribution scheme resilient to the key leakage that achieves the individualization of encrypted content. We show the feasibility of our scheme by conducting a large-scale P2P experiment in a real network.

Although SDN provides desirable characteristics such as the manageability, flexibility and extensibility of the networks, it has a considerable disadvantage in its reliability due to its centralized architecture. To protect SDN-enabled networks under large-scale, unexpected link failures, we propose ResilientFlow that deploys distributed modules called Control Channel Maintenance Module (CCMM) for every switch and controllers. The CCMMs makes switches able to maintain their own control channels, which are core and fundamental part of SDN. In this paper, we design, implement, and evaluate the ResilientFlow.

A key issue in Peer-to-Peer (P2P) live streaming systems is that several participant peers tend to leave within a short time period. For example, such a phenomenon is common at the half time of football games and at the end of the performance of famous artists. Such selfish behavior of the participants causes several problems in P2P networks such as the disconnection of the overlay, the departure of backup peers and the occurrence of cyclic reference to backup peers. In this paper, we propose several techniques for tree-structured P2P live streaming systems to enhance their resilience to the simultaneous departure of some participants. As the baseline of the discussion, we will focus on mTreebone which is a typical churn-resilient P2P live streaming system based on the notion of peer stability. The performance of the proposed techniques is evaluated by simulation. The simulation result indicates that even under high churn rates, the proposed techniques significantly reduce the number of attempts needed to connect to backup peers and the recovery time after a fail.

ID-based authenticated key exchange (ID-AKE) is a cryptographic tool to establish a common session key between parties with authentication based on their IDs. If IDs contain some hierarchical structure such as an e-mail address, hierarchical ID-AKE (HID-AKE) is especially suitable because of scalability. However, most of existing HID-AKE schemes do not satisfy advanced security properties such as forward secrecy, and the only known strongly secure HID-AKE scheme is inefficient. In this paper, we propose a new HID-AKE scheme which achieves both strong security and efficiency. We prove that our scheme is eCK-secure (which ensures maximal-exposure-resilience including forward secrecy) without random oracles, while existing schemes is proved in the random oracle model. Moreover, the number of messages and pairing operations are independent of the hierarchy depth; that is, really scalable and practical for a large-system.

In 2001, Boneh and Franklin realized the first Identity-Based Encryption (IBE), and at the same time they proposed a simple way to revoke users from the system. Later, Boldyreva et al. pointed out that Boneh-Franklin's revocation method is not scalable well and they proposed the first IBE scheme with efficient revocation. Recently, Tseng and Tsai [Computer Journal, Vol.55 No.4, page 475-486, 2012] claimed that Boldyreva et al.'s scheme requires a secure channel between each user and the key generation center in the key update phase, and proposed a new revocable IBE (RIBE) with a public channel by extending the Boneh-Franklin scheme. In this paper, we revisit Tseng and Tsai's result; we first point out that secure channels (except for the initial key setup) are not mandatory in the definition of RIBE scheme formalized by Boldyreva et al. Next, we show that Boldyreva et al.'s scheme does not require any secure channels (except for the initial key setup), which is different from what Tseng and Tsai claimed and so invalidates their contribution of the first RIBE with a public channel. Moreover, we point out that there are simple techniques to remove secure channels from the Boneh-Franklin RIBE. Interestingly, we show that the secure-channel-free Boneh-Franklin RIBE scheme is secure against decryption key exposure, whereas the Tseng-Tsai RIBE scheme is vulnerable to this attack.

Robustness is one of the significant properties in wireless sensor networks because sensor nodes and wireless links are subjected to frequent failures. Once these failures occur, system performance falls into critical condition due to increases in traffic and losses of connectivity and reachability. Most of the existing studies on sensor networks, however, do not conduct quantitative evaluation on robustness and do not discuss what brings in robustness. In this paper, we define and evaluate robustness of wireless sensor networks and show how to improve them. By computer simulation, we show that receiver-initiated MAC protocols are more robust than sender-initiated ones and a simple detour-routing algorithm has more than tripled robustness than the simple minimum-hop routing algorithm.

Cubic TCP, one of transport protocols designed for high bandwidth-delay product (BDP) networks, has successfully been deployed in the Internet. Multi-homed computers with multiple interfaces to access the Internet via high speed links will become more popular. In this work, we introduce an extended version of Cubic TCP for multiple paths, called MPCubic. The extension process is approached from an analysis model of Cubic by using coordinated congestion control between paths. MPCubic can spread its traffic across paths in load-balancing manner, while preserving fair sharing with regular TCP, Cubic, and MPTCP at common bottlenecks. Moreover, to improve resilience to link failure, we propose a multipath fast recovery algorithm. The algorithm can significantly reduce the recovery time of data rate after restoration of failed links. These techniques can be useful for resilient high-bandwidth applications (for example, tele-health conference) in disaster-affected areas. Our simulation results show that MPCubic can achieve stability, throughput improvement, fairness, load-balancing, and quick data rate recovery from link failure under a variety of network conditions.