University of Twente Student Theses
Thwarting File-Injection Attacks on Searchable Encryption via Client-side Detection
Bogaard, C.H.M van den (2020) Thwarting File-Injection Attacks on Searchable Encryption via Client-side Detection.
PDF
3MB |
Abstract: | The concept of Searchable Encryption is a promising solution to protect the contents of outsourced data and search queries to the data from unauthorized access by Cloud Service Providers and other external adversaries. Recently File Injection Attacks have been proposed which can break query privacy. In these attacks, the adversary sends files to the client, which are then encrypted and stored. This adversary can break query privacy using these injected files. Solutions to these attacks have been proposed, such as Forward Private Searchable Encryption; however, these SE schemes do not completely mitigate the problem. We propose client-side detection schemes that can be applied to all Searchable Encryption Schemes and have low overhead. We show that we can reduce the attack success of three attacks to 0 and for one attack to a maximum of 0.1 while obtaining 0.99 detection accuracy for benign files. Furthermore, we show that modifications to the first three attacks do not improve the attack success, and for the last attack, we show that the adversary can obtain an attack success maximum of 0.45 under the worst-case scenario while obtaining 0.80 detection accuracy for benign files. |
Item Type: | Essay (Master) |
Faculty: | EEMCS: Electrical Engineering, Mathematics and Computer Science |
Subject: | 54 computer science |
Programme: | Computer Science MSc (60300) |
Link to this item: | https://purl.utwente.nl/essays/85359 |
Export this item as: | BibTeX EndNote HTML Citation Reference Manager |
Repository Staff Only: item control page