Journal of Computing and Security
Volume:6 Issue: 1, Winter and Spring 2019

Recently, the approach towards mining various opinions on weblogs, forums and websites has gained attentions and interests of numerous researchers. In this regard, feature-based opinion mining has been extensively studied in English documents in order to identify implicit and explicit product features and relevant opinions. However, in case of texts written in Persian language, this task faces serious challenges. The objective of this research is to present an unsupervised method for feature-based opinion mining in Persian; an approach which does not require a labeled training dataset. The proposed method in this paper involves extracting explicit product features. Previous studies dealing with extraction of explicit features often focus on lexical roles of words; the approach which cannot be used in distinguishing between an adjective as a part of a noun or a sentiment word. In this study, in addition to lexical roles, syntactic roles are also considered to extract more relevant explicit features. The results demonstrate that the proposed method has got higher recall and precision values compared to prior studies.

Security analysis of a protocol is an important step toward the public trust on its security. Recently, in 2018, Moradi et al. considered the security of the Wei and Zhang RFID EPC-C1 G2 compliant authentication protocol and presented desynchronization attack and also server/reader impersonation attack against it. Then they proposed an improved version of the protocol. However, in this paper as the first third-party analysis of this protocol to the best of our knowledge, we present an efficient secret disclosure attack with the complexity of only two runs of protocol and doing O(2^{16}) PRNG offline evaluations. We also recommend that designing a secure protocol by using 16-bit CRCs and 16-bit PRNGs in the framework of EPC-C1 G2 may not be possible and changing this standard to allow the use of lightweight cryptographic functions should be inevitable. In this line, we present an improved version of the Moradi et al.protocol and also prove its security both informally and formally, through GNY logic.

CryptoPAi is a hybrid operational-epistemic framework for specification and analysis of security protocols with genuine support for cryptographic constructs. This framework includes a process algebraic formalism for the operational specification and an epistemic extension of modal mu-calculus with past for the property specification. In this paper, we extend CryptoPAi framework with more cryptographic constructs. The main practical motivation for this work came from the domain of e-voting protocols and then we investigate the applicability of the extended framework in this domain. The framework provides explicit support for cryptographic constructs, which is among the most essential ingredients of security and e-voting protocols. Some more advanced cryptographic constructs are provided to allow specifying the behavior ofmore protocols in our process language and then verifying properties expressed in our logic with both temporal and epistemic operators.We apply our extended framework to the FOO e-voting protocol. We also promote the prototype model-checker of the framework in the Maude rewriting logic tool and apply it to model-check some specified properties on their corresponding models.