Kim-Kwang Raymond Choo

Kim-Kwang Raymond Choo
University of Texas at San Antonio | UTSA · Department of Information Systems and Cyber Security

PhD

About

1,035
Publications
390,069
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
31,411
Citations
Additional affiliations
March 2011 - present
University of South Australia 
March 2010 - December 2012
Australian National University
Position
  • ARC Discovery Projects grant: The evolution of cybercrime: the monitoring of serious crime in cyberspace
Description
  • Cybercrime, Organized crime
January 2008 - present
Independent Researcher
Independent Researcher

Publications

Publications (1,035)
Article
The importance of understanding and explaining the associated classification results in the utilization of artificial intelligence (AI) in many different practical applications has contributed to the trend of moving away from black-box AI towards explainable AI (XAI). In this paper, we propose the first interpretable autoencoder based on decision t...
Chapter
Digital technologies are becoming more engrained in our daily life and society (e.g., smart city and smart nation), and these technologies can be both the target of and tool used to facilitate a broad range of malicious cyber activities. This reinforces the importance of disciplines such as digital forensics. Digital forensics is a relatively new,...
Article
Full-text available
As the aviation sector becomes digitized and increasingly reliant on wireless technology, so has its attractiveness to cyber attackers including nation-state actors and terrorists. For example, vulnerabilities in the broad range of interconnected devices and (sub)systems, their implementations, as well as design flaws, can be exploited to carry out...
Article
User authentication remains a challenging issue, despite the existence of a large number of proposed solutions, such as traditional text-based, graphical-based, biometrics-based, web-based, and hardware-based schemes. For example, some of these schemes are not suitable for deployment in an Internet of Things (IoT) setting, partly due to the hardwar...
Chapter
In this paper, we propose a privacy-preserving contact tracing protocol for smart phones, and more specifically Android and iOS phones. The protocol allows users to be notified, if they have been a close contact of a confirmed patient. The protocol is designed to strike a balance between privacy, security, and scalability. Specifically, the app all...
Article
Full-text available
Over the past decade, unmanned airborne vehicles (UAVs; widely known as drones) are quickly being deployed in various civilian as well as military applications. Drones can self-organize into a connected swarm (Flying Ad Hoc Networks – FANETs) to complete various challenging missions. As the primary building block of Internet-of-Drones (IoD), FANETs...
Article
With the proliferation of electric vehicles (EVs), private charging pile (PCP) sharing networks are likely to be an integral part of future smart cities, especially in places with limited public charging infrastructure. However, there are a number of operational challenges associated with the deployment of PCPs in such a shared and untrusted enviro...
Article
Significant amounts of data are generated in different formats (e.g., text, audio, and video) in online social networks and from other online sources, which can be mined to facilitate decision-making in different applications. However, it is nontrivial to preserve user and/or data privacy when we are analyzing data from multiple sources, with diffe...
Article
With the popularity of location based services, spatial keyword query has become an important application. In order to save the storage and computational costs, most data owners will outsource the data to the cloud server, but this will lead to two problems, such as privacy leakage and heavy network bandwidth burden. To solve above problems, we pro...
Article
Full-text available
The integration of phasor measurement units (PMUs and phasor data concentrators (PDCs in smart grids may be exploited by attackers to initiate new and sophisticated false data injection (FDI attacks. Existing FDI attack mitigation approaches are generally less effective against sophisticated FDI attacks, such as collusive false data injection (CFDI...
Article
Unlike general routing strategies, network coding (NC) can combine encoding functions with multi-path propagation over a network. This allows network capacity to be achieved to support complex security solutions. Moreover, NC has intrinsic security advantages against passive attacks over traditional routing techniques. However, due to the transmiss...
Article
Internet of Things (IoT) devices and systems are becoming increasingly commonplace, and as such systems scale up, so do the computational and storage requirements. Hence, one recent trend is to outsource data from IoT devices to remote systems. To facilitate both ciphertext retrieval and data confidentiality in the outsourced data, a number of sear...
Article
The Industrial Internet of Things (IIoT), a typical Internet of Things (IoT) application, integrates the global industrial system with other advanced computing, analysis, and sensing technologies through Internet connectivity. Due to the limited storage and computing capacity of edge and IIoT devices, data sensed and collected by these devices are...
Article
Ensuring the security of cloud storage services is an ongoing challenge, due to the increasingly complex and dynamic threat landscape. One particular challenge is how to design security and efficient data encryption approaches. For example, the key used to encrypt data is generally a string of long random number, and this key is uploaded to the clo...
Article
Routing protocols play an important role in the communication and information distribution within an Internet of Things (IoT) system. RPL is one such popular routing protocol for IoT devices and systems. However, security in RPL is an afterthought, and it does not meet the demands of today’s complex cyberthreat landscape. Focusing on sybil attack d...
Article
Cross-site scripting (XSS) has been extensively studied, although mitigating such attacks in web applications remains challenging. While there is an increasing number of XSS attack detection approaches designed based on machine learning and deep learning algorithms, it is important to study and evaluate the reliability and security of these approac...
Article
Full-text available
For reliable and relevant scientific evidence to be admitted in a court of law, it is important to apply digital forensic investigation techniques to corroborate a suspected potential security incident. Mainly, traditional digital forensics techniques have focused on computer desktops and servers. However, recent advances in digital media and platf...
Article
Medical practitioners generally rely on multimodal brain images, for example based on the information from the axial, coronal, and sagittal views, to inform brain tumor diagnosis. Hence, to further utilize the 3D information embedded in such datasets, this paper proposes a multi-view dynamic fusion framework (hereafter, referred to as MVFusFra) to...
Article
Electric vehicles (EVs) have been increasingly adopted by both developing and developed countries as an effective means to cope with energy shortage and provide environmental-friendly transportation solutions. However, due to technology gap, domestic electric vehicles (DEVs) in developing countries often cannot compete with well-established importe...
Article
With the increase of participants data and the number of smart meters in smart grid, the efficiency and privacy protection of electricity trading are remaining challenging. To reduce the cost and latency of electricity trading, we design a new architecture for smart meters that can support in-stu transactions by blockchain wallet and initiate trans...
Article
Ensuring the security and privacy of users and data in a mobile edge computing (MEC) deployment, without affecting performance, latency and and user quality of experience remains challenging. For example, in this paper we revisit an identity-based anonymous authentication scheme designed for MEC deployment. Then, we reveal that the scheme is vulner...
Article
It is increasingly challenging to deal with the volume,variety, velocity, and veracity of misinformation (e.g., dissemination of fake news contents, spurious posts, and fabricated images/videos) from different online platforms. In this article, we present an overview of existing machine learning and information hiding-based misinformation detection...
Article
Symmetric Searchable Encryption (SSE) schemes facilitate searching over encrypted data, and have been extensively explored to improve function, efficiency or security. There are, however, additional functions that we need to consider in a real-world setting. For example, forward and backward privacy are required to adequately secure newly added doc...
Article
Full-text available
Hadoop Distributed File System (HDFS) is one of the widely used distributed file systems in Big Data analysis for frameworks such as Hadoop. It is used to manage a large volume of data with low-cost commodity hardware. However, vulnerabilities in HDFS can be exploited for nefarious activities, as the security seems to be inconsistent and not of a p...
Article
In this paper, we demonstrate the potential of using both blockchain and searchable encryption to build a medical data-sharing platform, which allows one to uniformly search for patients' (encrypted) data in different medical institutions. Building on the assumption that medical records are stored locally by the hospital, we use smart contracts to...
Article
Full-text available
The global trend toward integration of distributed energy resources is opening doors to advanced, complex, and distributed marketplaces. Such advanced ecosystems, where utility-owned and non utility-owned assets can contribute toward grid operations, generally require distributed communication and grid architectures. We posit the potential of using...
Article
Full-text available
There has been increased interest in applying artificial intelligence (AI) in various settings to inform decision-making and facilitate predictive analytics. In recent times, there have also been attempts to utilize blockchain (a peer-to-peer distributed system) to facilitate AI applications, for example, in secure data sharing (for model training)...
Article
While 5G can facilitate high-speed Internet access and make over-the-horizon control a reality for unmanned aerial vehicles (UAVs; also known as drones), there are also potential security and privacy considerations, for example, authentication among drones. Centralized authentication approaches not only suffer from a single point of failure, but th...
Article
Network traffic classification (NTC) plays an important role in cyber security and network performance, for example in intrusion detection and facilitating a higher quality of service. However, due to the unbalanced nature of traffic datasets, NTC can be extremely challenging and poor management can degrade classification performance. While existin...
Article
This Special Section on "AI-Enabled Threat Intelligence and Hunting Microservices for Distributed Industrial IoT System" highlights the main research challenges in the AI-based security and privacy Microservices for IIoT systems. Of the 39 submissions, seven papers were eventually accepted after undergoing several rounds of rigorous peer reviews (i...
Article
Real-time navigation is a fundamental service with the emerging techniques of intelligent transportation and crowdsensing. Unfortunately, the breach of location privacy significantly impedes its wide adoption. Most existing state-of-the-art exploit either pseudonyms or public key fully homomorphic encryption (FHE) to protect location privacy, which...
Article
The concepts between Internet of Things (IoT) and edge computing are increasingly intertwined, as an edge computing architecture generally comprises a (large) number of diverse IoT devices. This, however, increases the potential attack vectors since any one of these connected IoT devices can be targeted to facilitate other malicious cyber activitie...
Article
One existing challenge associated with large scale skyline queries on cloud services, particularly when dealing with private information such as biomedical data, is supporting multi-party queries with curious-but-honest parties on encrypted data. In addition, existing solutions designed for performing secure skyline queries incur significant commun...
Article
Self-organizing vehicular social networks underpin many location-based services (LBS) such as those that collect and share environmental information (e.g., traffic and weather conditions) among vehicular users and the infrastructure. There are, however, security and privacy considerations in the sharing of such information, and one popular approach...
Article
The increasing awareness in privacy has partly contributed to the renewed interest in privacy-preserving encrypted image retrieval, and designing for outsourced images stored on cloud servers, etc. However, there are some limitations in these existing schemes such as low retrieval accuracy, low retrieval efficiency, and less efficient result verifi...
Article
Full-text available
The importance of demonstrating the correctness of forensic analysis tools and automated incident management tools reinforces the need for a finite state machine (FSM) engine that can generate automated forensic processes. Hence, in this paper, we present an event-based FSM representation for Cloud Forensic Readiness as a Service (CFRaaS), where we...
Article
Blockchain allows for secure management of a shared ledger by agreement protocols, where transactions are validated over network without central authorities. Although the agreement protocol has been thoroughly conducted of propagation and consensus researches, mobility of nodes in unstructured overlay networks has not received much attention. Besid...
Article
As cryptocurrency and blockchain-related assets become more common in our digital society, there is a corresponding need to secure our digital assets, including the private keys used to secure access to such assets (e.g., due to loss or corruption of the data storage medium). However, there are limitations in existing blockchain-related asset manag...
Article
In this paper, we introduce a robust authentication protocol for Vehicle-to-Grid (V2G) communication through lightweight and secure cryptographic primitives. In addition, we utilize signcrypt and unsigncrypt functions which facilitate the consumers to have secure access to the services. The security evaluation of the introduced framework shows its...
Article
Ciphertext retrieval under heterogeneous datasets is a critical concern in the cloud-assisted Internet of Things (IoT). Previous ciphertext retrieval schemes eliminate computation burden and security concerns to some extent, but cannot support the encrypted heterogeneous datasets. To solve this problem, in this paper we propose a transparent cipher...
Article
Ranked keyword search has gained increasing attention due to its attractive advantages such as flexibility and accessibility. However, most existing ranked keyword search schemes ignore the semantic associations between the documents and queries. To solve this challenging issue in cloud-assisted edge computing, we first design the Semantic-aware Ra...
Article
Vehicular Ad hoc Networks (VANETs) play an increasing role in a number of applications, particularly those associated with location-based services (e.g., spatial keyword searches -- SKS). However, there is a need to strike a balance between privacy guarantee and search efficiency, and existing SKS solutions cannot be directly implemented in VANETs....
Article
Controller Area Network (CAN) bus anomaly detection on the Internet of Vehicle (IoV) is a topic of ongoing interest and increasing importance, particularly as IoV becomes commonplace. However, existing abnormal detection schemes are not ideal due to the lack of abnormal data in IoV and the difficulty of parsing the diverse message rules in existing...
Article
Full-text available
In 2020, business operations were changed around the world due to disruptions of COVID-19, forcing organizations to migrate their workforce to a new Work From Home (nWFH) model quickly, and with limited planning, design or testing. As a result, new data security threats have emerged. This study aims to examine an insider-related threat to organizat...
Article
There are a number of benefits associated with the deployment of fog computing, for example, by analyzing and computing data from Internet-of-Things (IoT) devices at the fog nodes reduce the bandwidth, computational, and storage overheads at the cloud servers and improve user quality of experience (e.g., due to reduced latency). However, there are...
Article
Searchable Symmetric Encryption (SSE), which enables users to search over encrypted data without decryption, has gained increasing attention from both academic and industrial fields. However, existing SSE schemes either have low search efficiency or cannot support multi-keyword search, dynamic updates, and result verification simultaneously. To sol...
Article
Space information networks (SINs) can be viewed as an expansion of a conventional network with a strong demand for high-speed, reliable, and real-time wireless communication, especially in extreme circumstances. However, there are a number of challenges associated with deploying SINs. With the emergence and wide application of blockchain technology...
Article
Full-text available
Advances in synthetic biology and nanotechnology have contributed to the design of tools that can be used to control, reuse, modify, and re-engineer cells' structure, as well as enabling engineers to effectively use biological cells as programmable substrates to realize Bio-NanoThings (biological embedded computing devices). Bio-NanoThings are gene...
Article
In addition to accuracy, another key desirable characteristic of a classifier is interpretability. While there have been attempts to design contrast pattern-based models that support competitive and understandable classifiers, the utility of contrast patterns on the one-class classification problem is an under-explored area. In this paper, we propo...
Article
Realistic case studies are essential to training successful digital forensics examiners. However, the generation of realistic datasets is time-consuming and resource taxing. This paper presents a technical solution that populates Android emulators with realistic mobile forensic data. The emulator's data can be extracted into a raw disk image that i...
Article
Federated learning has become prevalent in medical diagnosis due to its effectiveness in training a federated model among multiple health institutions (i.e., Data Islands (DIs)). However, increasingly massive DI-level poisoning attacks have shed light on a vulnerability in federated learning, which inject poisoned data into certain DIs to corrupt t...
Article
Full-text available
Distributed denial of service (DDoS) attacks remain challenging to mitigate in existing systems, including in-home networks that comprise different Internet of Things (IoT) devices. In this paper, we present a DDoS traffic detection model that uses a boosting method of logistic model trees for different IoT device classes. Specifically, a different...
Article
In existing ensemble learning algorithms (e.g., random forest), each base learner’s model needs the entire dataset for sampling and training. However, this may not be practical in many real-world applications, and it incurs additional computational costs. To achieve better efficiency, we propose a decentralized framework: Multi-Agent Ensemble. The...
Article
The Internet of Vehicles (IoV) environment consists of a number of latency-critical and data-intensive application (e.g., real-time video analytics). In this paper, we posit the potential of leveraging the sixth generation (6G) mobile networks to minimize communications delay, particularly for latency-critical task execution. In particular, 6G-enab...
Article
EXplainable artificial intelligence (XAI) is an emerging research area relating to the creation of machine learning algorithms from which explanations for outputs are provided. In many fields, such as law enforcement, it is necessary that decisions made by and with the assistance of artificial intelligence (AI)-based tools can be justified and expl...
Article
The outsourcing of data is becoming increasingly commonplace as data is constantly been synchronized between user systems (e.g., personal computers and sensor devices) and cloud computing servers. However, for the consideration of data privacy, it is necessary to encrypt sensitive data prior to outsourcing. Limitations such as measurement, network...
Article
As quantum computers become more affordable and commonplace, existing security systems that are based on classical cryptographic primitives, such as RSA and Elliptic Curve Cryptography ( ECC ), will no longer be secure. Hence, there has been interest in designing post-quantum cryptographic ( PQC ) schemes, such as those based on lattice-based crypt...
Article
Increasingly, one should assume that the (digital) environment, e.g., Internet-of-Things (IoT) systems, we operate in is untrusted. In other words, this is a zero trust environment, in the sense that all devices and systems can be compromised and hence, untrusted. However, information sharing in a zero trust environment is more challenging, in comp...
Article
Full-text available
During emergency situations, a quick and concise summary from the deluge of messages improves “situation awareness” and enables informed decisions. However, this is challenging due to the volume, variety, and veracity of information. Grounded in the Situation Awareness Theory, this study presents a streamlined protocol to process millions of social...
Article
To ensure the security of images outsourced to the malicious cloud without affecting searchability on such outsourced (typically encrypted) images, one could use privacy-preserving Content-Based Image Retrieval (CBIR) primitive. However, conventional privacy-preserving CBIR schemes based on Searchable Symmetric Encryption (SSE) are not capable of s...
Preprint
Full-text available
To ensure the privacy of sensitive data used in the training of deep learning models, a number of privacy-preserving methods have been designed by the research community. However, existing schemes are generally designed to work with textual data, or are not efficient when a large number of images is used for training. Hence, in this paper we propos...
Preprint
Full-text available
As smartphones and smartphone applications are widely used in a healthcare context (e.g., remote healthcare), these devices and applications may need to comply with the Health Insurance Portability and Accountability Act (HIPAA) of 1996. In other words, adequate safeguards to protect the user's sensitive information (e.g., personally identifiable i...
Preprint
Full-text available
Internet of Things (IoT) devices are becoming ubiquitous in our lives, with applications spanning from the consumer domain to commercial and industrial systems. The steep growth and vast adoption of IoT devices reinforce the importance of sound and robust cybersecurity practices during the device development life-cycles. IoT-related vulnerabilities...
Article
Patent analysis is crucial for technology monitoring, forecasting, and assessment, and facilitates entrepreneurs and different stakeholder groups to develop forward-looking technologies and business strategies. However, the speed and scale in the development of disruptive technologies, such as blockchain, present a challenge for analysts and expert...
Article
While electric vehicle charging is an emerging application in smart grids, a number of challenges that need to be addressed before electric vehicle charging can become more commonplace. For example, the wireless communications between vehicle users and aggregators can be subject to exploitation and hence, several authentication schemes have been de...
Conference Paper
Full-text available
As smartphones and smartphone applications are widely used in a healthcare context (e.g., remote healthcare), these devices and applications may need to comply with the Health Insurance Portability and Accountability Act (HIPAA) of 1996. In other words, adequate safeguards to protect the user’s sensitive information (e.g., personally identifiable i...
Article
With the large-scaled data generated from various interconnected machines and networks, Industrial Internet of Things (IIoT) provides unprecedented opportunities for facilitating data mining for industrial applications. The current IIoT architecture tends to adopt cloud computing for further timely mining IIoT data, however, the openness of securit...