A Location-Aware and Healing Attestation Scheme for Air-Supported Internet of Vehicles

With the rapid technological advancement in the Internet of Things (IoT) and Internet of Vehicles (IoV), we witness exponential growth of Connected and Autonomous Vehicles (CAVs). However, these integrations of IoV with other technologies make the IoV network and its interaction between different network components highly complex. Therefore,...

BLUFADER: Blurred face detection & recognition for privacy-friendly continuous authentication

Authentication and de-authentication phases should occur at the beginning and end of secure user sessions, respectively. A secure session requires the user to pass the former, but the latter is often underestimated or ignored. Unattended or dangling sessions expose users to well-known Lunchtime Attacks. To mitigate this threat, researchers...

Social Honeypot for Humans: Luring People Through Self-managed Instagram Pages

Social Honeypots are tools deployed in Online Social Networks (OSN) to attract malevolent activities performed by spammers and bots. To this end, their content is designed to be of maximum interest to malicious users. However, by choosing an appropriate content topic, this attractive mechanism could be extended to any OSN users, rather than...

Astraea: Anonymous and Secure Auditing Based on Private Smart Contracts for Donation Systems

Many regions are in urgent need of facial masks for slowing down the spread of COVID-19. To fight the pandemic, people are contributing masks through donation systems. Most existing systems are built on a centralized architecture which is prone to the single point of failure and lack of transparency. Blockchain-based solutions neglect...

Privacy-Friendly De-Authentication with BLUFADE: Blurred Face Detection

Ideally, secure user sessions should start and end with authentication and de-Authentication phases, respectively. While the user must pass the former to start a secure session, the latter's importance is often ignored or underestimated. Dangling or unattended sessions expose users to well-known Lunchtime Attacks. To mitigate this threat, the...

Nereus: Anonymous and Secure Ride-Hailing Service based on Private Smart Contracts

Security and privacy issues have become a major hindrance to the broad adoption of Ride-Hailing Services (RHSs). In this article, we introduce a new collusion attack initiated by the Ride-Hailing Service Provider (RHSP) and a driver that could easily link the real riders and their anonymous requests (credentials). Besides this attack,...

Repetitive, Oblivious, and Unlinkable SkNN Over Encrypted-and-Updated Data on Cloud

Location-Based Services (LBSs) depend on a Service Provider (SP) to store data owners’ geospatial data and to process data users’ queries. For example, a Yelp user queries the SP to retrieve the k nearest Starbucks by submitting her/his current location. It is well-acknowledged that location privacy is vital to users and several prominent...

Anonymous and Verifiable Reputation System for E-commerce Platforms based on Blockchain

E-commerce platforms incorporate reputation systems that allow customers to rate suppliers following financial transactions. Existing reputation systems cannot defend the centralized server against arbitrarily tampering with the supplier’s reputation. Furthermore, they do not offer reputation access across platforms. Rates are faced with privacy...