The one-time authentication mechanism in traditional methods cannot continuously authenticate smartphone users' identities throughout the session. Continuous based on behavioral biometrics recorded by built-in sensors can solve this issue. However, existing multisensor have poor ability to extract valuable features that represent patterns. This article proposes a novel method combining manual construction and deep metric learning perform two-stage feature extraction, respectively. We...

Abstract Keystroke-based behavioral biometrics have been proven effective for continuous user authentication. Current state-of-the-art algorithms achieved outstanding results in long text or short collected by doing some tasks. It remains a considerable challenge to authenticate users continuously and accurately with keystroke inputs uncontrolled settings. In this work, we propose Timely method Continuous Authentication, named TKCA. integrates the key name two kinds of timing features...

Demand for remote work has surged as the COVID-19 epidemic spread around world. As one of main implementations desktop virtualization, Virtual Desktop Infrastructure (VDI) is popular and widely used in corporate work. A VDI user can connect to use a virtual machine data center by logging with username password using any device anywhere Internet access. mobile convenience but at risk leakage insider threat. Traditional authentication methods, such PIN, cannot withstand these threats. This...

Memory deduplication improves memory density by merging identical pages in multi-tenanted cloud. However, is vulnerable to disclosure attacks and covert channel attacks. The bases on the difference write access time deduplicated that are re-created Copy-on-Write technique. Prior works have shown malicious attackers can make use of COW achieve their purpose, for example identifying whether apps run a VM or creating communication between VMs. While this kind attack uses characteristic shared...

Software-Defined Networking (SDN) decouples the data plane from control plane, enabling centralized and open programmability of network. OpenFlow flow rules are key carrier for SDN application to configure manage through processing efficiency controller in is critical as it will directly impact instantaneity configuring managing plane. Currently, increases by means multi-threaded parallel processing. However, experiments widely used ONOS, we found a new bottleneck that causes performance...

Behavioral biometrics-based continuous authentication is a promising scheme, which uses behavioral biometrics recorded by built-in sensors to authenticate smartphone users throughout the session. However, current methods suffer some limitations: 1) from impostors are needed train models. Since distribution of negative samples diverse attackers unknown, it difficult problem solve in real-world scenarios; 2) most deep learning-based need two models improve performance. A learning model for...

The flow table is the core interactive component between control plane and data in software-defined network, it realizes global coordination dynamic mapping of security policy. rules determine SDN network behavior, affects whole facilities. To address challenges for security, this paper proposes implements a framework, named as SecFT-SDN, on carrier-grade open source controller (ONOS). SecFT-SDN installs rule test set, with latency penalty varied from 10.98 milliseconds to 7.17 throughput...

With the dramatic increase in network speed during past ten years, processing efficiency has been significantly decreased. In this paper, we propose a accelerating scheme, which employs cache locking method to reduce data and instruction accessing latency. Interrupts handling buffer maintenance overheads are obviously Experimental results show that our solution increases about 22% bandwidth reduces 10%

Masquerade attacks are one of the most dangerous threats in cloud environment. Attackers masquerade as legitimate users obtaining access to illegally use resources. If attackers masquerades internal administrator with top-level privileges, they can change security policies or convey confidential information, causing irreparable damage system. Building trust on user side is an important auxiliary protect Most evaluation research mainly extracts behavior features train basic machine learning...

Recently, data protection has become increasingly important in cloud environments. The platform global user information, rich storage resource allocation and a fuller understanding of attributes. At the same time, there is an urgent need for access control to provide security, software-defined network, as ready-made facility, network view, management capabilities, programable rules. In this paper, we present approach, named High-Performance Software-Defined Data Access Network (HP-SDDAN),...