Biblio

With the popularity of smart devices in the power grid and the advancement of data collection technology, the amount of electricity usage data has exploded in recent years, which is beneficial for optimizing service quality and grid operation. However, current data analysis is mainly based on cloud platforms, which poses challenges to transmission bandwidth, computing resources, and transmission delays. To solve the problem, this paper proposes a graph convolution neural networks (GCNs) based edge-cloud collaborative anomaly detection model. Specifically, the time series is converted into graph data based on visibility graph model, and graph convolutional network model is adopted to classify the labeled graph data for anomaly detection. Then a model segmentation method is proposed to adaptively divide the anomaly detection model between the edge equipment and the back-end server. Experimental results show that the proposed scheme provides an effective solution to edge anomaly detection and can make full use of the computing resources of terminal equipment.

One of the most concerning threats for modern AI systems is data poisoning, where the attacker injects maliciously crafted training data to corrupt the system's behavior at test time. Availability poisoning is a particularly worrisome subset of poisoning attacks where the attacker aims to cause a Denial-of-Service (DoS) attack. However, the state-of-the-art algorithms are computationally expensive because they try to solve a complex bi-level optimization problem (the ``hammer''). We observed that in particular conditions, namely, where the target model is linear (the ``nut''), the usage of computationally costly procedures can be avoided. We propose a counter-intuitive but efficient heuristic that allows contaminating the training set such that the target system's performance is highly compromised. We further suggest a re-parameterization trick to decrease the number of variables to be optimized. Finally, we demonstrate that, under the considered settings, our framework achieves comparable, or even better, performances in terms of the attacker's objective while being significantly more computationally efficient.

The need for cyber resilience is increasingly important in our technology-dependent society, where computing systems, devices and data will continue to be the target of cyber attackers. Hence, we propose a conceptual framework called ‘Human-in-the-Loop Explainable-AI-Enabled Vulnerability Detection, Investigation, and Mitigation’ (HXAI-VDIM). Specifically, instead of resolving complex scenario of security vulnerabilities as an output of an AI/ML model, we integrate the security analyst or forensic investigator into the man-machine loop and leverage explainable AI (XAI) to combine both AI and Intelligence Assistant (IA) to amplify human intelligence in both proactive and reactive processes. Our goal is that HXAI-VDIM integrates human and machine in an interactive and iterative loop with security visualization that utilizes human intelligence to guide the XAI-enabled system and generate refined solutions.

Nowadays security of shared resources and big data is an important and critical issue. With the growth of information technology and social networks, data and resources are shared in the distributed environment such as cloud and fog computing. Various access control models protect the shared resources from unauthorized users or malicious intruders. Despite the attribute-based access control model that meets the complex security requirement of todays' new computing technologies, considerable anomalies and conflicts in ABAC policies affect the efficiency of the security system. One important and toughest task is policy validation thus to detect and eliminate anomalies and conflicts in policies. Though the previous researches identified anomalies, failed to detect and analyze all considerable anomalies that results vulnerable to hacks and attacks. The primary objective of this paper is to study and analyze the possible anomalies and conflicts in ABAC security policies. We have discussed and analyzed considerable conflicts in policies based on previous researches. This paper can provide a detailed review of anomalies and conflicts in security policies.

Traditional grid-centric data storage methods are vulnerable to network attacks or failures due to downtime, causing problems such as data loss or tampering. The security of data storage can be effectively improved by establishing an alliance chain. However, the existing consortium chain consensus algorithm has low scalability, and the consensus time will explode as the number of nodes increases. This paper proposes an improved consensus algorithm (MSBFT) based on multi-signature to address this problem, which spreads data by establishing a system communication tree, reducing communication and network transmission costs, and improving system scalability. By generating schnorr multi-signature as the shared signature of system nodes, the computational cost of verification between nodes is reduced. At the end of the article, simulations prove the superiority of the proposed method.

Given the central importance of designing secure protocols, providing solid mathematical foundations and computer-assisted methods to attest for their correctness is becoming crucial. Here, we elaborate on the formal approach introduced by Bana and Comon in [10], [11], which was originally designed to analyze protocols for a fixed number of sessions, and lacks support for proof mechanization.In this paper, we present a framework and an interactive prover allowing to mechanize proofs of security protocols for an arbitrary number of sessions in the computational model. More specifically, we develop a meta-logic as well as a proof system for deriving security properties. Proofs in our system only deal with high-level, symbolic representations of protocol executions, similar to proofs in the symbolic model, but providing security guarantees at the computational level. We have implemented our approach within a new interactive prover, the Squirrel prover, taking as input protocols specified in the applied pi-calculus, and we have performed a number of case studies covering a variety of primitives (hashes, encryption, signatures, Diffie-Hellman exponentiation) and security properties (authentication, strong secrecy, unlinkability).

Simulating quantum field theories on a quantum computer is one of the most exciting fundamental physics applications of quantum information science. Dynamical time evolution of quantum fields is a challenge that is beyond the capabilities of classical computing, but it can teach us important lessons about the fundamental fabric of space and time. Whether we may answer scientific questions of interest using near-term quantum computing hardware is an open question that requires a detailed simulation study of quantum noise. Here we present a large scale simulation study powered by a multi-node implementation of qsim using the Google Cloud Platform. We additionally employ newly-developed GPU capabilities in qsim and show how Tensor Processing Units — Application-specific Integrated Circuits (ASICs) specialized for Machine Learning — may be used to dramatically speed up the simulation of large quantum circuits. We demonstrate the use of high performance cloud computing for simulating ℤ2 quantum field theories on system sizes up to 36 qubits. We find this lattice size is not able to simulate our problem and observable combination with sufficient accuracy, implying more challenging observables of interest for this theory are likely beyond the reach of classical computation using exact circuit simulation.

The emergence of the 5G network has boosted the advancements in the field of the internet of things (IoT) and edge/cloud computing. We present a novel architecture to detect fire in indoor and outdoor environments, dubbed as EAC-FD, an abbreviation of edge and cloud-based fire detection. Compared with existing frameworks, ours is lightweight, secure, cost-effective, and reliable. It utilizes a hybrid edge and cloud computing framework with Intel neural compute stick 2 (NCS2) accelerator is for inference in real-time with Raspberry Pi 3B as an edge device. Our fire detection model runs on the edge device while also capable of cloud computing for more robust analysis making it a secure system. We compare different versions of SSD-MobileNet architectures with ours suitable for low-end devices. The fire detection model shows a good balance between computational cost frames per second (FPS) and accuracy.

In the era of machine learning, mobile users are able to submit their symptoms to doctors at any time, anywhere for personal diagnosis. It is prevalent to exploit edge computing for real-time diagnosis services in order to reduce transmission latency. Although data-driven machine learning is powerful, it inevitably compromises privacy by relying on vast amounts of medical data to build a diagnostic model. Therefore, it is necessary to protect data privacy without accessing local data. However, the blossom has also been accompanied by various problems, i.e., the limitation of training data, vulnerabilities, and privacy concern. As a solution to these above challenges, in this paper, we design a lightweight privacy-preserving medical diagnosis mechanism on edge. Our method redesigns the extreme gradient boosting (XGBoost) model based on the edge-cloud model, which adopts encrypted model parameters instead of local data to reduce amounts of ciphertext computation to plaintext computation, thus realizing lightweight privacy preservation on resource-limited edges. Additionally, the proposed scheme is able to provide a secure diagnosis on edge while maintaining privacy to ensure an accurate and timely diagnosis. The proposed system with secure computation could securely construct the XGBoost model with lightweight overhead, and efficiently provide a medical diagnosis without privacy leakage. Our security analysis and experimental evaluation indicate the security, effectiveness, and efficiency of the proposed system.

Numerical simulation of fluid flow is a significant research concern during the design process of a machine component that experiences fluid-structure interaction (FSI). State-of-the-art in traditional computational fluid dynamics (CFD) has made CFD reach a relative perfection level during the last couple of decades. However, the accuracy of CFD is highly dependent on mesh size; therefore, the computational cost depends on resolving the minor feature. The computational complexity grows even further when there are multiple physics and scales involved making the approach time-consuming. In contrast, machine learning (ML) has shown a highly encouraging capacity to forecast solutions for partial differential equations. A trained neural network has offered to make accurate approximations instantaneously compared with conventional simulation procedures. This study presents transient fluid flow prediction past a fully immersed body as an integral part of the ML-CFD project. MLCFD is a hybrid approach that involves initialising the CFD simulation domain with a solution forecasted by an ML model to achieve fast convergence in traditional CDF. Initial results are highly encouraging, and the entire time-based series of fluid patterns past the immersed structure is forecasted using a deep learning algorithm. Prepared results show a strong agreement compared with fluid flow simulation performed utilising CFD.

As Internet technology gradually matures, the network structure becomes more complex. Therefore, the attack methods of malicious attackers are more diverse and change faster. Fortunately, due to the substantial increase in computer computing power, machine learning is valued and widely used in various fields. It has also been applied to intrusion detection systems. This study found that due to the imperfect data ratio of the unbalanced flow dataset, the model will be overfitting and the misjudgment rate will increase. In response to this problem, this research proposes to use the Cuckoo system to induce malicious samples to generate malicious traffic, to solve the data proportion defect of the unbalanced traffic dataset.

The randomness, ambiguity and some other uncertainties of trust relationships in Wireless Sensor Networks (WSNs) make existing trust management methods often unsatisfactory in terms of accuracy. This paper proposes a trust evaluation method based on cloud model for malicious node detection. The conversion between qualitative and quantitative sensor node trust degree is achieved. Firstly, nodes cooperate with each other to establish a standard cloud template for malicious nodes and a standard cloud template for normal nodes, so that malicious nodes have a qualitative description to be either malicious or normal. Secondly, the trust cloud template obtained during the interactions is matched against the previous standard templates to achieve the detection of malicious nodes. Simulation results demonstrate that the proposed method greatly improves the accuracy of malicious nodes detection.

In this paper, we propose a multidimensional trust model for vehicular networks. Our model evaluates the trustworthiness of each vehicle using two main modes: 1) Direct Trust Computation DTC related to a direct connection between source and target nodes, 2) Indirect Trust Computation ITC related to indirectly communication between source and target nodes. The principal characteristics of this model are flexibility and high fault tolerance, thanks to an automatic trust scores assessment. In our extensive simulations, we use Total Cost Rate to affirm the performance of the proposed trust model.

With the proliferation of false redundant information on various e-commerce platforms, ineffective recommendations and other untrustworthy behaviors have seriously hindered the healthy development of e-commerce platforms. Modern recommendation systems often use side information to alleviate these problems and also increase prediction accuracy. One such piece of side information, which has been widely investigated, is trust. However, it is difficult to obtain explicit trust relationship data, so researchers infer trust values from other methods, such as the user-to-item relationship. In this paper, addressing the problems, we proposed a novel trust-based recommender model called UITrust, which uses user-item relationship value to improve prediction accuracy. With the improvement the traditional similarity measures by employing the entropies of user and item history ratings to reflect the global rating behavior on both. We evaluate the proposed model using two real-world datasets. The proposed model performs significantly better than the baseline methods. Also, we can use the UITrust to alleviate the sparsity problem associated with correlation-based similarity. In addition to that, the proposed model has a better computational complexity for making predictions than the k-nearest neighbor (kNN) method.

Most of the studies of the existing object detection models are studies to better detect the objects to be detected. The problem of false detection of objects that should not be detected is not considered. When an object detection model that does not take this problem into account is applied to an industrial field close to humans, false detection can lead to a dangerous situation that greatly interferes with human life. To solve this false detection problem, this paper proposes a method of fine-tuning the backbone neural network model of the object detection model using the Outlier Exposure method and applying the class-specific uncertainty constant to the confidence score to detect the object.

The promise of access to contextual expertise, advanced security tools and an increase in staff augmentation coupled with reduced computing costs has indisputably made cloud computing a computing platform of choice, so enticing that many organizations had to migrate some if not all their services to the cloud. Identity-management-as-a-service (IdMaaS), however, is still struggling to mature due to lack of trust. Lack of trust arises from losing control over the identity information (user credentials), identity management system as well as the underlying infrastructure, raising a fear of loss of confidentiality, integrity and availability of both the identities and the identity management system. This paper recognizes the need for a trust framework comprising of both the operational and technical Frameworks as a holistic approach towards enhancing trust in IdMaaS. To this end however, only the operational Framework will form the core of this paper. The success of IdMaaS will add to the suite of other matured identity management technologies, spoiling the would-be identity service consumers with a wide choice of identity management paradigms to pick from, at the same time opening entrepreneurial opportunities to cloud players.

Fog computing plays a critical role in the provisioning of computing tasks in the context of Internet of Things (IoT) services. However, the security of IoT services against breaches and attacks relies heavily on the security of fog resources, which must be properly implemented and managed. Increasing security investments and integrating the security aspect into the core processes and operations of fog computing including resource management will increase IoT service protection as well as the trustworthiness of fog service providers. However, this requires careful modeling of the security requirements of IoT services as well as theoretical and experimental evaluation of the tradeoff between security and performance in fog infrastructures. To this end, this paper explores a new model for fog resource allocation according to security and Quality of Service (QoS). The problem is modeled as a multi-objective linear optimization problem and solved using conventional, off-the-shelf optimizers by applying the preemptive method. Specifically, two objective functions were defined: one representing the satisfaction of the security design requirements of IoT services and another that models the communication delay among the different virtual machines belonging to the same service request, which might be deployed on different intermediary fog nodes. The simulation results show that the optimization is efficient and achieves the required level of scalability in fog computing. Moreover, a tradeoff needs to be pondered between the two criteria during the resource allocation process.

In protocol verification we observe a wide spectrum from fully automated methods to interactive theorem proving with proof assistants like Isabelle/HOL. The latter provide overwhelmingly high assurance of the correctness, which automated methods often cannot: due to their complexity, bugs in such automated verification tools are likely and thus the risk of erroneously verifying a flawed protocol is non-negligible. There are a few works that try to combine advantages from both ends of the spectrum: a high degree of automation and assurance. We present here a first step towards achieving this for a more challenging class of protocols, namely those that work with a mutable long-term state. To our knowledge this is the first approach that achieves fully automated verification of stateful protocols in an LCF-style theorem prover. The approach also includes a simple user-friendly transaction-based protocol specification language embedded into Isabelle, and can also leverage a number of existing results such as soundness of a typed model

Contact tracing is a particularly important part of health care and is often overlooked or forgotten up until right when it is needed the most. With the wave of technological achievements in the last decade, a digital perspective for aid in contact tracing was a natural development from traditional contact tracing. When COVID-19 was categorized as a pandemic, the need for modernized contact tracing solutions became apparent, and highly sought after. Solutions using the Bluetooth protocol and/or Global Positioning System data (GPS) were hastily made available to the public in nations all over the world. These solutions quickly became criticized by privacy experts as being potential tools for tracking.

The federated learning scheme enhances the privacy preservation through avoiding the private data uploading in cloud-edge computing. However, the attacks against the uploaded model updates still cause private data leakage which demotivates the privacy-sensitive participating edge devices. Facing this issue, we aim to design a privacy-preserving incentive mechanism for the federated cloud-edge learning (PFCEL) system such that 1) the edge devices are motivated to actively contribute to the updated model uploading, 2) a trade-off between the private data leakage and the model accuracy is achieved. We formulate the incentive design problem as a three-layer Stackelberg game, where the server-device interaction is further formulated as a contract design problem. Extensive numerical evaluations demonstrate the effectiveness of our designed mechanism in terms of privacy preservation and system utility.

This paper proposes a lightweight digital signing scheme for supporting document signing on mobile devices connected to cloud computing. We employ elliptic curve (ECC) digital signature algorithm (ECDSA) for key pair generation done at mobile device and introduce outsourced proxy (OSP) to decrypt the encrypted file and compute hash value of the files stored in the cloud system. In our model, a mobile client invokes fixed-sized message digests to be signed with a private key stored in the device and produces the digital signature. Then, the signature is returned to the proxy for embedding it onto the original file. To this end, the trust between proxy and mobile devices is guaranteed by PKI technique. Based on the lightweight property of ECC and the modular design of our OSP, our scheme delivers the practical solution that allows mobile users to create their own digital signatures onto documents in a secure and efficient way. We also present the implementation details including system development and experimental evaluation to demonstrate the efficiency of our proposed system.

In this paper, we propose a relational anonymous P2P communication network evaluation model based on Markov chain (AEMC), and show how to extend our model to the anonymous evaluation of sender and receiver relationship anonymity when the attacker attacks the anonymous P2P communication network and obtains some information. Firstly, the constraints of the evaluation model (the attacker assumption for message tracing) are specified in detail; then the construction of AEMC anonymous evaluation model and the specific evaluation process are described; finally, the simulation experiment is carried out, and the evaluation model is applied to the probabilistic anonymous evaluation of the sender and receiver relationship of the attacker model, and the evaluation is carried out from the perspective of user (message).

As a new service-oriented computing paradigm, cloud computing facilitates users to share and use resources. However, due to the dynamic and openness of its operating environment, only relying on traditional identity authentication technology can no longer fully meet the security requirements of cloud computing. The trust evaluation of user behavior has become the key to improve the security of cloud computing. Therefore, in view of some problems existing in our current research on user behavior trust, this paper optimizes and improves the construction of the evaluation index system and the calculation of trust value, and proposes a cloud end-user behavior trust evaluation model based on sliding window. Finally, the model is proved to be scientific and effective by simulation experiments, which has certain significance for the security protection of cloud resources.

With the continuous emergence of cloud computing technology, cloud infrastructure software will become the mainstream application model in the future. Among the databases, relational databases occupy the largest market share. Therefore, the relational cloud database will be the main product of the combination of database technology and cloud computing technology, and will become an important branch of the database industry. This article explores the establishment of an evaluation system framework for relational databases, helping enterprises to select relational cloud database products according to a clear goal and path. This article can help enterprises complete the landing of relational cloud database projects.

Purpose: Determine the main theoretical aspects of managing the resilience of an industrial enterprise in conditions of uncertainty. Method: The static control methods include the technology of the matrix aggregate computer (MAC) and the R-lenses, and the dynamic control methods - the technology based on the 4x6 matrix model. All these methods are based on the results of the theory of fuzzy sets and soft computing. Result: A comparative analysis of the resilience of 82 largest industrial enterprises in five industry classes was carried out, R-lenses were constructed for these classes, and the main factors affecting the resilience of industrial companies were evaluated. Conclusions: The central problem points in assessing and ensuring the resilience of enterprises are: a) correct modeling of external disturbances; b) ensuring the statistical homogeneity of the source data array.