Your search keyword '"Ozgur Oksuz"' showing total 2 results

1. Securely outsourcing cookies to the cloud via private information retrieval

Author

Ozgur Oksuz, Chaoqun Yue, Kyoungwon Suh, Levon Nazaryan, Aggelos Kiayias, Bing Wang, and Ruofan Jin

Subjects

business.industry, Computer science, 020206 networking & telecommunications, Cloud computing, 02 engineering and technology, Computer security, computer.software_genre, Upload, Information sensitivity, Session hijacking, Server, 0202 electrical engineering, electronic engineering, information engineering, Web application, 020201 artificial intelligence & image processing, Web navigation, Session (computer science), business, computer, Computer network

Abstract

Many smartphone applications are web based and rely on cookies to maintain the status of a web session. Cookies, however, may lead to security threats since they may contain sensitive information. In addition, an attacker having access to a cookie can easily impersonate the legitimate user. In this paper, we propose and implement a system that securely outsources browser cookies to the cloud and ensures user privacy using Private Information Retrieval. Experimental evaluation using traces collected from operational cellular and WiFi networks demonstrates that our system achieves satisfactory performance for most real-life web browsing scenarios: the average latency is within 1.0 to 1.2 seconds (well within users' tolerance) even when retrieving tens of cookies over an LTE or WiFi network, and the amount of generated traffic is significantly lower than that when downloading the entire cookie database.

Published

2016

2. Encrypting wireless network traces to protect user privacy: A case study for smart campus

Author

Athanasios Bamis, Ozgur Oksuz, Chaoqun Yue, Levon Nazaryan, Bing Wang, Luqiao Zhang, and Aggelos Kiayias

Subjects

User information, Information privacy, business.industry, Computer science, Wireless network, Client-side encryption, 020206 networking & telecommunications, 02 engineering and technology, Encryption, 020204 information systems, Server, 0202 electrical engineering, electronic engineering, information engineering, Bandwidth (computing), Overhead (computing), business, Computer network

Abstract

Wireless network traces have been widely used to understand human behaviors and provide value-added services. Sanitization based techniques have been shown to be severely lacking in protecting sensitive user information embedded in such traces. In this paper, we take an encryption based approach that provides much stronger protection of user privacy. One challenge in encrypting wireless network traces is how to encrypt time range while maintaining the utility of the traces. We propose two practical encryption techniques to support queries that involve time range. These two techniques provide much stronger security guarantee than existing order preserving encryption schemes, and present different tradeoffs in complexity, as well as storage and network bandwidth requirement. Last, we quantify the performance of the proposed approach using a smart campus prototype. The results show that our approach only leads to moderate increase in storage, network bandwidth and computation overhead, demonstrating the practicality of our approach.

Published

2016