In this paper,we study the problem of privacy-preserving top-k keyword similarity search over outsourced cloud data.Taking edit distance as a measure of similarity,we first build up the similarity keyword sets for all...In this paper,we study the problem of privacy-preserving top-k keyword similarity search over outsourced cloud data.Taking edit distance as a measure of similarity,we first build up the similarity keyword sets for all the keywords in the data collection.We then calculate the relevance scores of the elements in the similarity keyword sets by the widely used tf-idf theory.Leveraging both the similarity keyword sets and the relevance scores,we present a new secure and efficient treebased index structure for privacy-preserving top-k keyword similarity search.To prevent potential statistical attacks,we also introduce a two-server model to separate the association between the index structure and the data collection in cloud servers.Thorough analysis is given on the validity of search functionality and formal security proofs are presented for the privacy guarantee of our solution.Experimental results on real-world data sets further demonstrate the availability and efficiency of our solution.展开更多
The archiving of Internet traffic is an essential function for retrospective network event analysis and forensic computer communication. The state-of-the-art approach for network monitoring and analysis involves stora...The archiving of Internet traffic is an essential function for retrospective network event analysis and forensic computer communication. The state-of-the-art approach for network monitoring and analysis involves storage and analysis of network flow statistic. However, this approach loses much valuable information within the Internet traffic. With the advancement of commodity hardware, in particular the volume of storage devices and the speed of interconnect technologies used in network adapter cards and multi-core processors, it is now possible to capture 10 Gbps and beyond real-time network traffic using a commodity computer, such as n2disk. Also with the advancement of distributed file system (such as Hadoop, ZFS, etc.) and open cloud computing platform (such as OpenStack, CloudStack, and Eucalyptus, etc.), it is practical to store such large volume of traffic data and fully in-depth analyse the inside communication within an acceptable latency. In this paper, based on well- known TimeMachine, we present TIFAflow, the design and implementation of a novel system for archiving and querying network flows. Firstly, we enhance the traffic archiving system named TImemachine+FAstbit (TIFA) with flow granularity, i.e., supply the system with flow table and flow module. Secondly, based on real network traces, we conduct performance comparison experiments of TIFAflow with other implementations such as common database solution, TimeMachine and TIFA system. Finally, based on comparison results, we demonstrate that TIFAflow has a higher performance improvement in storing and querying performance than TimeMachine and TIFA, both in time and space metrics.展开更多
基金supported partly by the following funding agencies:the National Natural Science Foundation(No.61170274)the Innovative Research Groups of the National Natural Science Foundation(No.61121061)+1 种基金the National Key Basic Research Program of China (No.2011CB302506)Youth Scientific Research and Innovation Plan of Beijing University of Posts and Telecommunications(No. 2013RC1101)
文摘In this paper,we study the problem of privacy-preserving top-k keyword similarity search over outsourced cloud data.Taking edit distance as a measure of similarity,we first build up the similarity keyword sets for all the keywords in the data collection.We then calculate the relevance scores of the elements in the similarity keyword sets by the widely used tf-idf theory.Leveraging both the similarity keyword sets and the relevance scores,we present a new secure and efficient treebased index structure for privacy-preserving top-k keyword similarity search.To prevent potential statistical attacks,we also introduce a two-server model to separate the association between the index structure and the data collection in cloud servers.Thorough analysis is given on the validity of search functionality and formal security proofs are presented for the privacy guarantee of our solution.Experimental results on real-world data sets further demonstrate the availability and efficiency of our solution.
基金the National Key Basic Research and Development (973) Program of China (Nos. 2012CB315801 and 2011CB302805)the National Natural Science Foundation of China A3 Program (No. 61161140320) and the National Natural Science Foundation of China (No. 61233016)Intel Research Councils UPO program with title of security Vulnerability Analysis based on Cloud Platform with Intel IA Architecture
文摘The archiving of Internet traffic is an essential function for retrospective network event analysis and forensic computer communication. The state-of-the-art approach for network monitoring and analysis involves storage and analysis of network flow statistic. However, this approach loses much valuable information within the Internet traffic. With the advancement of commodity hardware, in particular the volume of storage devices and the speed of interconnect technologies used in network adapter cards and multi-core processors, it is now possible to capture 10 Gbps and beyond real-time network traffic using a commodity computer, such as n2disk. Also with the advancement of distributed file system (such as Hadoop, ZFS, etc.) and open cloud computing platform (such as OpenStack, CloudStack, and Eucalyptus, etc.), it is practical to store such large volume of traffic data and fully in-depth analyse the inside communication within an acceptable latency. In this paper, based on well- known TimeMachine, we present TIFAflow, the design and implementation of a novel system for archiving and querying network flows. Firstly, we enhance the traffic archiving system named TImemachine+FAstbit (TIFA) with flow granularity, i.e., supply the system with flow table and flow module. Secondly, based on real network traces, we conduct performance comparison experiments of TIFAflow with other implementations such as common database solution, TimeMachine and TIFA system. Finally, based on comparison results, we demonstrate that TIFAflow has a higher performance improvement in storing and querying performance than TimeMachine and TIFA, both in time and space metrics.
