University of Twente Student Theses

Login

Using artificial intelligence to mitigate file injection attacks in emails

Arva, D. (2021) Using artificial intelligence to mitigate file injection attacks in emails.

[img] PDF
552kB
Abstract:Searchable Encryption is a cryptographic technique that allows a client to search for keywords across encrypted files on a server while ensuring privacy and protection of the user data. Such a technique is ideal for poorly secured servers because even if these servers are compromised in a cybersecurity attack, the files are encrypted, and the content cannot be read. However, it is possible to retrieve plaintext of an encrypted keyword using a file injection attack because the Searchable Encryption leaks to the server information about the query results. As proposed by Zhang et al. at Usenix Security in 2016, the file injection attack consists of a server sending a set of files to its client to recover the plaintext of the searched encrypted keywords. The number of injected files depends on the attacks and countermeasures adopted. One of the possible countermeasures for such an attack is to limit the files returned in a query by setting a threshold of keywords that an indexed file should have. In this work, two countermeasures are compared , one unsophisticated proposed by Zhang et al. at Usenix Security in 2016 - threshold countermeasure - and another based on artificial intelligence proposed by Lui et al. at International Workshop on Security and Privacy Analytics in 2020. Each of them comes with advantages and disadvantages. However, this research paper proved that, when mitigating malicious files, the countermeasure based on artificial intelligence performs better than the threshold; still, it underperforms when it comes to the effects on benign files.
Item Type:Essay (Bachelor)
Faculty:EEMCS: Electrical Engineering, Mathematics and Computer Science
Subject:54 computer science
Programme:Computer Science BSc (56964)
Link to this item:http://purl.utwente.nl/essays/86863
Export this item as:BibTeX
EndNote
HTML Citation
Reference Manager

 

Repository Staff Only: item control page