Kim-Kwang Raymond ChooThe University of Texas at San Antonio | UTSA · Department of Information Systems and Cyber Security
Kim-Kwang Raymond Choo
PhD
About
1,037
Publications
531,146
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
51,634
Citations
Introduction
Additional affiliations
March 2011 - present
University of South Australia
January 2008 - present
Independent Researcher
February 2006 - July 2006
Publications
Publications (1,037)
Cryptocurrencies have dramatically increased adoption in mainstream applications in various fields such as financial and online services, however, there are still a few amounts of cryptocurrency transactions that involve illicit or criminal activities. It is essential to identify and monitor addresses associated with illegal behaviors to ensure the...
With the increasing attention to deep neural network (DNN) models, attacks are also upcoming for such models. For example, an attacker may carefully construct images in specific ways (also referred to as adversarial examples) aiming to mislead the DNN models to output incorrect classification results. Similarly, many efforts are proposed to detect...
The training of state-of-the-art deep learning models generally requires significant high-quality data, including personal and sensitive data. To ensure privacy of the sensitive data used in training deep learning models, many methods have been designed by the research community. However, it has been observed that many privacy-preserving approaches...
While encryption can prevent unauthorized access to a secret message, it does not provide undetectability of covert communications over the public network. Implementing a highly latent data exchange, especially with low eavesdropping/discovery probability, is challenging for practical scenarios, such as social and political movements in authoritari...
With the increasing attention to deep neural network (DNN) models, attacks are also upcoming for such models. For example, an attacker may carefully construct images in specific ways (also referred to as adversarial examples) aiming to mislead the DNN models to output incorrect classification results. Similarly, many efforts are proposed to detect...
User authentication remains a challenging issue, despite the existence of a large number of proposed solutions, such as traditional text-based, graphical-based, biometrics-based, web-based, and hardware-based schemes. For example, some of these schemes are not suitable for deployment in an Internet of Things (IoT) setting, partly due to the hardwar...
It is increasingly challenging to deal with the volume,variety, velocity, and veracity of misinformation (e.g., dissemination of fake news contents, spurious posts, and fabricated images/videos) from different online platforms. In this article, we present an overview of existing machine learning and information hiding-based misinformation detection...
The importance of understanding and explaining the associated classification results in the utilization of artificial intelligence (AI) in many different practical applications has contributed to the trend of moving away from black-box AI towards explainable AI (XAI). In this paper, we propose the first interpretable autoencoder based on decision t...
In recent times, there have been attempts to leverage artificial intelligence (AI) techniques in a broad range of cyber security applications. Therefore, this paper surveys the existing literature (comprising 54 papers mainly published between 2016 and 2020) on the applications of AI in user access authentication, network situation awareness, dange...
Digital technologies are becoming more engrained in our daily life and society (e.g., smart city and smart nation), and these technologies can be both the target of and tool used to facilitate a broad range of malicious cyber activities. This reinforces the importance of disciplines such as digital forensics. Digital forensics is a relatively new,...
As the aviation sector becomes digitized and increasingly reliant on wireless technology, so has its attractiveness to cyber attackers including nation-state actors and terrorists. For example, vulnerabilities in the broad range of interconnected devices and (sub)systems, their implementations, as well as design flaws, can be exploited to carry out...
In this paper, we propose a privacy-preserving contact tracing protocol for smart phones, and more specifically Android and iOS phones. The protocol allows users to be notified, if they have been a close contact of a confirmed patient. The protocol is designed to strike a balance between privacy, security, and scalability. Specifically, the app all...
Over the past decade, unmanned airborne vehicles (UAVs; widely known as drones) are quickly being deployed in various civilian as well as military applications. Drones can self-organize into a connected swarm (Flying Ad Hoc Networks – FANETs) to complete various challenging missions. As the primary building block of Internet-of-Drones (IoD), FANETs...
With the proliferation of electric vehicles (EVs), private charging pile (PCP) sharing networks are likely to be an integral part of future smart cities, especially in places with limited public charging infrastructure. However, there are a number of operational challenges associated with the deployment of PCPs in such a shared and untrusted enviro...
Significant amounts of data are generated in different formats (e.g., text, audio, and video) in online social networks and from other online sources, which can be mined to facilitate decision-making in different applications. However, it is nontrivial to preserve user and/or data privacy when we are analyzing data from multiple sources, with diffe...
With the popularity of location based services, spatial keyword query has become an important application. In order to mininize storage and computational costs, most data owners will outsource the data to the cloud server. There are, however, implications such as potential for privacy leakage and network bandwidth overheads. To solve the above prob...
The integration of phasor measurement units (PMUs and phasor data concentrators (PDCs in smart grids may be exploited by attackers to initiate new and sophisticated false data injection (FDI attacks. Existing FDI attack mitigation approaches are generally less effective against sophisticated FDI attacks, such as collusive false data injection (CFDI...
Unlike general routing strategies, network coding (NC) can combine encoding functions with multi-path propagation over a network. This allows network capacity to be achieved to support complex security solutions. Moreover, NC has intrinsic security advantages against passive attacks over traditional routing techniques. However, due to the transmiss...
Internet of Things (IoT) devices and systems are becoming increasingly commonplace, and as such systems scale up, so do the computational and storage requirements. Hence, one recent trend is to outsource data from IoT devices to remote systems. To facilitate both ciphertext retrieval and data confidentiality in the outsourced data, a number of sear...
The Industrial Internet of Things (IIoT), a typical Internet of Things (IoT) application, integrates the global industrial system with other advanced computing, analysis, and sensing technologies through Internet connectivity. Due to the limited storage and computing capacity of edge and IIoT devices, data sensed and collected by these devices are...
Ensuring the security of cloud storage services is an ongoing challenge, due to the increasingly complex and dynamic threat landscape. One particular challenge is how to design security and efficient data encryption approaches. For example, the key used to encrypt data is generally a string of long random number, and this key is uploaded to the clo...
Routing protocols play an important role in the communication and information distribution within an Internet of Things (IoT) system. RPL is one such popular routing protocol for IoT devices and systems. However, security in RPL is an afterthought, and it does not meet the demands of today’s complex cyberthreat landscape. Focusing on sybil attack d...
Cross-site scripting (XSS) has been extensively studied, although mitigating such attacks in web applications remains challenging. While there is an increasing number of XSS attack detection approaches designed based on machine learning and deep learning algorithms, it is important to study and evaluate the reliability and security of these approac...
For reliable and relevant scientific evidence to be admitted in a court of law, it is important to apply digital forensic investigation techniques to corroborate a suspected potential security incident. Mainly, traditional digital forensics techniques have focused on computer desktops and servers. However, recent advances in digital media and platf...
Medical practitioners generally rely on multimodal brain images, for example based on the information from the axial, coronal, and sagittal views, to inform brain tumor diagnosis. Hence, to further utilize the 3D information embedded in such datasets, this paper proposes a multi-view dynamic fusion framework (hereafter, referred to as MVFusFra) to...
Electric vehicles (EVs) have been increasingly adopted by both developing and developed countries as an effective means to cope with energy shortage and provide environmental-friendly transportation solutions. However, due to technology gap, domestic electric vehicles (DEVs) in developing countries often cannot compete with well-established importe...
With the increase of participants data and the number of smart meters in smart grid, the efficiency and privacy protection of electricity trading are remaining challenging. To reduce the cost and latency of electricity trading, we design a new architecture for smart meters that can support in-stu transactions by blockchain wallet and initiate trans...
Ensuring the security and privacy of users and data in a mobile edge computing (MEC) deployment, without affecting performance, latency and and user quality of experience remains challenging. For example, in this paper we revisit an identity-based anonymous authentication scheme designed for MEC deployment. Then, we reveal that the scheme is vulner...
Symmetric Searchable Encryption (SSE) schemes facilitate searching over encrypted data, and have been extensively explored to improve function, efficiency or security. There are, however, additional functions that we need to consider in a real-world setting. For example, forward and backward privacy are required to adequately secure newly added doc...
Hadoop Distributed File System (HDFS) is one of the widely used distributed file systems in Big Data analysis for frameworks such as Hadoop. It is used to manage a large volume of data with low-cost commodity hardware. However, vulnerabilities in HDFS can be exploited for nefarious activities, as the security seems to be inconsistent and not of a p...
In this paper, we demonstrate the potential of using both blockchain and searchable encryption to build a medical data-sharing platform, which allows one to uniformly search for patients' (encrypted) data in different medical institutions. Building on the assumption that medical records are stored locally by the hospital, we use smart contracts to...
The global trend toward integration of distributed energy resources is opening doors to advanced, complex, and distributed marketplaces. Such advanced ecosystems, where utility-owned and non utility-owned assets can contribute toward grid operations, generally require distributed communication and grid architectures. We posit the potential of using...
There has been increased interest in applying artificial intelligence (AI) in various settings to inform decision-making and facilitate predictive analytics. In recent times, there have also been attempts to utilize blockchain (a peer-to-peer distributed system) to facilitate AI applications, for example, in secure data sharing (for model training)...
While 5G can facilitate high-speed Internet access and make over-the-horizon control a reality for unmanned aerial vehicles (UAVs; also known as drones), there are also potential security and privacy considerations, for example, authentication among drones. Centralized authentication approaches not only suffer from a single point of failure, but th...
Network traffic classification (NTC) plays an important role in cyber security and network performance, for example in intrusion detection and facilitating a higher quality of service. However, due to the unbalanced nature of traffic datasets, NTC can be extremely challenging and poor management can degrade classification performance. While existin...
Industrial Internet of Things (IIoT) systems are increasingly found in settings such as factories, smart cities/nations, and healthcare institutions. These systems facilitate the interconnection of automation and data analytics across different industrial technologies, such as cyber-physical systems, Internet of Things (IoT), and cloud and edge com...
Real-time navigation is a fundamental service with the emerging techniques of intelligent transportation and crowdsensing. Unfortunately, the breach of location privacy significantly impedes its wide adoption. Most existing state-of-the-art exploit either pseudonyms or public key fully homomorphic encryption (FHE) to protect location privacy, which...
The concepts between Internet of Things (IoT) and edge computing are increasingly intertwined, as an edge computing architecture generally comprises a (large) number of diverse IoT devices. This, however, increases the potential attack vectors since any one of these connected IoT devices can be targeted to facilitate other malicious cyber activitie...
One existing challenge associated with large scale skyline queries on cloud services, particularly when dealing with private information such as biomedical data, is supporting multi-party queries with curious-but-honest parties on encrypted data. In addition, existing solutions designed for performing secure skyline queries incur significant commun...
Self-organizing vehicular social networks underpin many location-based services (LBS) such as those that collect and share environmental information (e.g., traffic and weather conditions) among vehicular users and the infrastructure. There are, however, security and privacy considerations in the sharing of such information, and one popular approach...
The increasing awareness in privacy has partly contributed to the renewed interest in privacy-preserving encrypted image retrieval, and designing for outsourced images stored on cloud servers, etc. However, there are some limitations in these existing schemes such as low retrieval accuracy, low retrieval efficiency, and less efficient result verifi...
The importance of demonstrating the correctness of forensic analysis tools and automated incident management tools reinforces the need for a finite state machine (FSM) engine that can generate automated forensic processes. Hence, in this paper, we present an event-based FSM representation for Cloud Forensic Readiness as a Service (CFRaaS), where we...
Blockchain allows for secure management of a shared ledger by agreement protocols, where transactions are validated over network without central authorities. Although the agreement protocol has been thoroughly conducted of propagation and consensus researches, mobility of nodes in unstructured overlay networks has not received much attention. Besid...
As cryptocurrency and blockchain-related assets become more common in our digital society, there is a corresponding need to secure our digital assets, including the private keys used to secure access to such assets (e.g., due to loss or corruption of the data storage medium). However, there are limitations in existing blockchain-related asset manag...
In this paper, we introduce a robust authentication protocol for Vehicle-to-Grid (V2G) communication through lightweight and secure cryptographic primitives. In addition, we utilize signcrypt and unsigncrypt functions which facilitate the consumers to have secure access to the services. The security evaluation of the introduced framework shows its...
Ciphertext retrieval under heterogeneous datasets is a critical concern in the cloud-assisted Internet of Things (IoT). Previous ciphertext retrieval schemes eliminate computation burden and security concerns to some extent, but cannot support the encrypted heterogeneous datasets. To solve this problem, in this paper we propose a transparent cipher...
Ranked keyword search has gained Ranked keyword search has gained traction due to its attractive properties such as flexibility and accessibility. However, most existing ranked keyword search schemes ignore the semantic associations between the documents and queries. To solve this challenging issue in cloud-assisted edge computing, we first design...
Vehicular Ad hoc Networks (VANETs) play an increasingly important role in a number of applications, particularly those associated with location-based services (e.g., spatial keyword searches – SKS). However, there is a need to strike a balance between privacy guarantee and search efficiency, and existing SKS solutions cannot be directly implemented...
Controller Area Network (CAN) bus anomaly detection on the Internet of Vehicle (IoV) is a topic of ongoing interest and increasing importance, particularly as IoV becomes commonplace. However, existing abnormal detection schemes are not ideal due to the lack of abnormal data in IoV and the difficulty of parsing the diverse message rules in existing...
In 2020, business operations were changed around the world due to disruptions of COVID-19, forcing organizations to migrate their workforce to a new Work From Home (nWFH) model quickly, and with limited planning, design or testing. As a result, new data security threats have emerged. This study aims to examine an insider-related threat to organizat...
There are a number of benefits associated with the deployment of fog computing, for example, by analyzing and computing data from Internet-of-Things (IoT) devices at the fog nodes reduce the bandwidth, computational, and storage overheads at the cloud servers and improve user quality of experience (e.g., due to reduced latency). However, there are...
Searchable Symmetric Encryption (SSE), which enables users to search over encrypted data without decryption, has gained increasing attention from both academic and industrial fields. However, existing SSE schemes either have low search efficiency or cannot support multi-keyword search, dynamic updates, and result verification simultaneously. To sol...
Space information networks (SINs) can be viewed as an expansion of a conventional network with a strong demand for high-speed, reliable, and real-time wireless communication, especially in extreme circumstances. However, there are a number of challenges associated with deploying SINs. With the emergence and wide application of blockchain technology...
Advances in synthetic biology and nanotechnology have contributed to the design of tools that can be used to control, reuse, modify, and re-engineer cells' structure, as well as enabling engineers to effectively use biological cells as programmable substrates to realize Bio-NanoThings (biological embedded computing devices). Bio-NanoThings are gene...
In addition to accuracy, another key desirable characteristic of a classifier is interpretability. While there have been attempts to design contrast pattern-based models that support competitive and understandable classifiers, the utility of contrast patterns on the one-class classification problem is an under-explored area. In this paper, we propo...
Realistic case studies are essential to training successful digital forensics examiners. However, the generation of realistic datasets is time-consuming and resource taxing. This paper presents a technical solution that populates Android emulators with realistic mobile forensic data. The emulator's data can be extracted into a raw disk image that i...
Federated learning has become prevalent in medical diagnosis due to its effectiveness in training a federated model among multiple health institutions (i.e., Data Islands (DIs)). However, increasingly massive DI-level poisoning attacks have shed light on a vulnerability in federated learning, which inject poisoned data into certain DIs to corrupt t...
Distributed denial of service (DDoS) attacks remain challenging to mitigate in existing systems, including in-home networks that comprise different Internet of Things (IoT) devices. In this paper, we present a DDoS traffic detection model that uses a boosting method of logistic model trees for different IoT device classes. Specifically, a different...
In existing ensemble learning algorithms (e.g., random forest), each base learner’s model needs the entire dataset for sampling and training. However, this may not be practical in many real-world applications, and it incurs additional computational costs. To achieve better efficiency, we propose a decentralized framework: Multi-Agent Ensemble. The...
The Internet of Vehicles (IoV) environment consists of a number of latency-critical and data-intensive application (e.g., real-time video analytics). In this paper, we posit the potential of leveraging the sixth generation (6G) mobile networks to minimize communications delay, particularly for latency-critical task execution. In particular, 6G-enab...
EXplainable artificial intelligence (XAI) is an emerging research area relating to the creation of machine learning algorithms from which explanations for outputs are provided. In many fields, such as law enforcement, it is necessary that decisions made by and with the assistance of artificial intelligence (AI)-based tools can be justified and expl...
The outsourcing of data is becoming increasingly commonplace as data is constantly been synchronized between user systems (e.g., personal computers and sensor devices) and cloud computing servers. However, for the consideration of data privacy, it is necessary to encrypt sensitive data prior to outsourcing. Limitations such as measurement, network...
As quantum computers become more affordable and commonplace, existing security systems that are based on classical cryptographic primitives, such as RSA and Elliptic Curve Cryptography ( ECC ), will no longer be secure. Hence, there has been interest in designing post-quantum cryptographic ( PQC ) schemes, such as those based on lattice-based crypt...
Increasingly, one should assume that the (digital) environment, e.g., Internet-of-Things (IoT) systems, we operate in is untrusted. In other words, this is a zero trust environment, in the sense that all devices and systems can be compromised and hence, untrusted. However, information sharing in a zero trust environment is more challenging, in comp...
During emergency situations, a quick and concise summary from the deluge of messages improves “situation awareness” and enables informed decisions. However, this is challenging due to the volume, variety, and veracity of information. Grounded in the Situation Awareness Theory, this study presents a streamlined protocol to process millions of social...
To ensure the security of images outsourced to the malicious cloud without affecting searchability on such outsourced (typically encrypted) images, one could use privacy-preserving Content-Based Image Retrieval (CBIR) primitive. However, conventional privacy-preserving CBIR schemes based on Searchable Symmetric Encryption (SSE) are not capable of s...
To ensure the privacy of sensitive data used in the training of deep learning models, a number of privacy-preserving methods have been designed by the research community. However, existing schemes are generally designed to work with textual data, or are not efficient when a large number of images is used for training. Hence, in this paper we propos...
As smartphones and smartphone applications are widely used in a healthcare context (e.g., remote healthcare), these devices and applications may need to comply with the Health Insurance Portability and Accountability Act (HIPAA) of 1996. In other words, adequate safeguards to protect the user's sensitive information (e.g., personally identifiable i...
Internet of Things (IoT) devices are becoming ubiquitous in our lives, with applications spanning from the consumer domain to commercial and industrial systems. The steep growth and vast adoption of IoT devices reinforce the importance of sound and robust cybersecurity practices during the device development life-cycles. IoT-related vulnerabilities...
Patent analysis is crucial for technology monitoring, forecasting, and assessment, and facilitates entrepreneurs and different stakeholder groups to develop forward-looking technologies and business strategies. However, the speed and scale in the development of disruptive technologies, such as blockchain, present a challenge for analysts and expert...
While electric vehicle charging is an emerging application in smart grids, a number of challenges that need to be addressed before electric vehicle charging can become more commonplace. For example, the wireless communications between vehicle users and aggregators can be subject to exploitation and hence, several authentication schemes have been de...
As smartphones and smartphone applications are widely used in a healthcare context (e.g., remote healthcare), these devices and applications may need to comply with the Health Insurance Portability and Accountability Act (HIPAA) of 1996. In other words, adequate safeguards to protect the user’s sensitive information (e.g., personally identifiable i...
With the large-scaled data generated from various interconnected machines and networks, Industrial Internet of Things (IIoT) provides unprecedented opportunities for facilitating data mining for industrial applications. The current IIoT architecture tends to adopt cloud computing for further timely mining IIoT data, however, the openness of securit...
Software-defined networking (SDN) is a network paradigm that decouples control and data planes from network devices and places them into separate entities. In SDN, the controller is responsible for controlling the logic of the entire network while network switches become forwarding elements that follow rules to dispatch flows. There are, however, s...
The outbreak of coronavirus COVID-19 not only brings great disaster to the people of the world, but also brings heavy burden to the medical and health network system. Massive network data traffic and resource optimization requests make traditional network architectures unable to calmly deal with the impact of COVID-19. Artificial intelligence (AI)...
Smart contracts, one of the success stories in blockchain 2.0, have been widely utilized in a broad range of applications, including those involving Internet of Things (IoT). Given the fast-pace nature of the topic, it can be challenging for the research community to keep track of the latest advances. Hence, in this paper, we perform a comprehensiv...
Blind signature is an important cryptographic primitive with widespread applications in secure e-commerce, for example to guarantee participants’ anonymity. Existing blind signature schemes are mostly based on number-theoretic hard problems, which have been shown to be solvable with quantum computers. The National Institute of Standards and Technol...
Outsourcing computations have been an indispensable part to meet the growing demand of computing capability, among which trust problem is one of critical issues to be solved urgently. Fair payment, as a candidate solution, offers the potential for facilitating fair trading among outsourcing computation participants such as users and workers. Howeve...
Blockchain has recently emerged as a research trend, with potential applications in a broad range of industries and context. One particular successful Blockchain technology is smart contract, which is widely used in commercial settings (e.g., high value financial transactions). This, however, has security implications due to the potential to financ...
Artificial intelligence (AI; broadly defined to include Machine Learning and Deep Learning) and automation are two current and reciprocal computing disciplines. As such, AI‐powered software, programs, operating systems, and devices are developed on a massive scale to automate a wide variety of processes and operations. The principal aims of integra...
Voting is a formal expression of opinion or choice, either positive or negative, made by an individual or a group of individuals. However, conventional voting systems tend to be centralized, which are known to suffer from security and efficiency limitations. Hence, there has been a trend of moving to decentralized voting systems, such as those base...