Ehsan Meamari

Hao Guo, Wanxin Li, Ehsan Meamari et al.

The global Electronic Health Record (EHR) market is growing dramatically and has already hit $31.5 billion in 2018. To safeguard the security of EHR data and privacy of patients, fine-grained information access and sharing mechanisms are essential for EHR management. This paper proposes a hybrid architecture of blockchain and edge nodes to facilitate EHR management. In this architecture, we utilize attribute-based multi-signature (ABMS) scheme to authenticate user's signatures without revealing the sensitive information and multi-authority attribute-based encryption (ABE) scheme to encrypt EHR data which is stored on the edge node. We develop the blockchain module on Hyperledger Fabric platform and the ABMS module on Hyperledger Ursa library. We measure the signing and verifying time of the ABMS scheme under different settings, and experiment with the authentication events and access activities which are logged as transactions in blockchain.

Ehsan Meamari, Hao Guo, Chien-Chung Shen et al.

Attribute-based Encryption (ABE) is an information centric security solution that moves beyond traditional restrictions of point-to-point encryption by allowing for flexible, fine-grain policy-based and content-based access control that is cryptographically enforced. As the original ABE systems are managed by a single authority, several efforts have decentralized different ABE schemes to address the key escrow problem, where the authority can issue secret keys to itself to decrypt all the ciphertext. However, decentralized ABE (DABE) schemes raise the issue of collusion attacks. In this paper, we review two existing types of collusion attacks on DABE systems, and introduce a new type of collusion among authorities and data users. We show that six existing DABE systems are vulnerable to the newly introduced collusion and propose a model to secure one of the DABE schemes.

Ehsan Meamari, Chien-Chung Shen

Since Bitcoin's inception in 2008, it has became attractive investments for both trading and mining. To mine Bitcoins, a miner has to invest in computing power and pay for electricity to solve cryptographic puzzles for rewards, if it becomes the first to solve a puzzle, paid in Bitcoin. Given that mining is such a resource intensive effort, miners seek new strategies trying to make the mining process more profitable.

Ehsan Meamari, Hao Guo, Chien-Chung Shen et al.

Attribute-Based Encryption (ABE) has emerged as an information-centric public-key cryptographic system which allows a data owner to share data, according to access policy, with multiple data users based on the attributes they possess, without knowing their identities. In the original ABE schemes, a central authority administrates the system and issues secret keys to data users based on their attributes and both the owner and users need to trust a specific CA. However, in certain real-world applications, the data users would not trust anyone but themselves. For such situations, we introduce a new decentralization model of ABE, termed Data User-based ABE (DU-ABE), which is managed jointly by the data users. DU-ABE is the first decentralized ABE scheme that replaces the authorities with the data users without employing any other extra entities.

Khadijeh Afhamisisi, Hadi Shahriar Shahhoseini, Ehsan Meamari

Cognitive Radio (CR) technology is a solution to solve the lack of spectrum by allowing the secondary user to use licensed bands. There are several potential security challenges for cognitive radio like Jamming, PUE and Lion attack. Lion attack is multi layer attacks that has effected on two layers. The Lion attack uses PUE or jamming attack in physical layer to disrupt TCP protocol in transport layer. Since transport layer is unaware of physical layer situation, when it occurs to an unacknowledged packet, there is no way to distinguish between congestion and disconnection in the physical layer. So the windows size of TCP would be decrease because of a wrong decision caused by unawareness. To Mitigate the Lion attack the cross layer design is usually used to freeze its windows size during frequency handoff. The main issue in this solution is finding the best strategy for freezing. In this paper, we propose a dynamic method for freezing and performing frequency handoff to counter Lion attack. Also a learning model based on Markov decision process (MDP) is applied. By using the proposed method, the secondary user can choose an optimal strategy in both physical and transport layers to reduce the effect of Lion attack.

Ehsan Meamari, Khadijeh Afhamisisi, Hadi Shahriar Shahhoseini

IEEE 802.22 standard utilizes cognitive radio (CR) techniques to allow sharing unused spectrum band. The cognitive radio is vulnerable to various attacks such as jamming attacks. This paper has focused on coordinated jamming attacks. A simple strategy for secondary users is to change their bands and switch to other appropriate bands when the jamming attack is occurred. Also, the malicious users should switch to other bands in order to jam the secondary users. To address this problem, a game theoretical method is proposed to analyze coordinated jamming attacks in CR. Then, using Nash equilibrium on the proposed game, the most appropriate bands have been found to switch as well as the optimal switching probabilities for both secondary and malicious users. Meanwhile, effects of different parameters like the number of malicious users are investigated in changing the optimal switching probabilities by analysis on the model.

Ehsan Meamari, Khadijeh Afhamisisi, Hadi Shahriar Shahhoseini

With the advancement of communication, the spectrum shortage problem becomes a serious problem for future generations. The cognitive radio technology is proposed to address this concern. In cognitive radio networks, the secondary users can access spectrum that allocated to the primary users without interference to the operation of primary users. Using cognitive radio network raises security issues such as jamming attack. A straightforward strategy to counter the jamming attack is to switch other bands. Finding the best strategy for switching is complicated when the malicious user is unknown to the primary users. This paper uses fictitious game for analysis the defense against such an unknown jammer.

Hao Guo, Ehsan Meamari, Chien-Chung Shen

Attribute-based access control makes access control decisions based on the assigned attributes of subjects and the access policies to protect objects by mediating operations from the subjects. Authority, which validates attributes of subjects, is one key component to facilitate attribute-based access control. In an increasingly decentralized society, multiple attributes possessed by subjects may need to be validated by multiple different authorities. This paper proposes a multi-authority attribute-based access control scheme by using Ethereum's smart contracts. In the proposed scheme, Ethereum smart contracts are created to define the interactions between data owner, data user, and multiple attribute authorities. A data user presents its attributes to different attribute authorities, and after successful validation of attributes, obtains attribute tokens from respective attribute authorities. After collecting enough attribute tokens, a smart contract will be executed to issue secret key to the data user to access the requested object. The smart contracts for multi-authority attribute-based access control have been prototyped in Solidity, and their performance has been evaluated on the Rinkeby Ethereum Testnet.

Alireza Naghizadeh, Tahereh Yourdkhani, Behrooz Razeghi et al.

Peer-to-Peer (P2P) networks as distributed solutions are used in a variety of applications. Based on the type of routing for queries among their nodes, they are classified into three groups: structured, unstructured and small-world P2P networks. Each of these categories has its own applications and benefits. Structured networks by using Distributed Hash Tables (DHT) can forward request search queries more efficiently. These networks usually organize a specific topology and make a geometrical shape. A circular topology is a prevalent design which was first introduced by Chord. In this paper, we propose BSROne, a circular structured P2P design which attempts to consider several shortcomings in the current networks. In our proposed method, we want to achieve O(1) routing time without requiring all of the nodes to know about each other. By removing the real connections between nodes and tying all of them with super-nodes, we could reduce the number of overheads that are essential to maintain the connectivity between nodes in such networks. Furthermore, we gave the network an ability to scale up by introducing one layer above super-nodes. We achieved this by emulating the design of binary search algorithm for supreme-nodes. In this paper, at first we introduce a design where fixed super-nodes with unlimited resources are given to the distributed network. In the next step, we explain how it can manage to work as a P2P application. We finally discuss the possibility of removing the scalability issue in a P2P environment for our design.