Biblio

The problem of maintaining the privacy of sensitive healthcare data is crucial yet the significance of research efforts achieved still need robust development in privacy protection techniques for Wireless Multimedia Sensor Networks (WMSNs). This paper aims to investigate different privacy-preserving methods for WMSNs that can be applied in healthcare, to guarantee a privacy-aware transmission of multimedia data between sensors and base stations. The combination of ant colony optimization-based routing and hierarchical structure of the network have been proposed in the AntSensNet WMSN-based routing protocol to offer QoS and power efficient multipath multimedia packet scheduling. In this paper, the AntSensNet routing protocol was extended by utilizing privacy-preserving mechanisms thus achieving anonymity / pseudonymity, unlinkability, and location privacy. The vulnerability of standard AntSensNet routing protocol to privacy threats have raised the need for the following privacy attacks’ countermeasures: (i) injection of fake traffic, which achieved anonymity, privacy of source and base locations, as well as unlinkability; (ii) encrypting and correlating the size of scalar and multimedia data which is transmitted through a WMSN, along with encrypting and correlating the size of ants, to achieve unlinkability and location privacy; (iii) pseudonyms to achieve unlinkability. The impact of these countermeasures is assessed using quantitative performance analysis conducted through simulation to gauge the overhead of the added privacy countermeasures. It can be concluded that the introduced modifications did enhance the privacy but with a penalty of increased delay and multimedia jitter. The health condition of a patient determines the vitals to be monitored which affects the volumes and sources of fake traffic. Consequently, desired privacy level will dictate incurred overhead due to multimedia transmissions and privacy measures.

In this paper, we address the problem of privacy-preserving of the consumer's energy measurements in the context of the SG. To this end, we present a blockchain-based approach to preserve the privacy for smart grid users and to detect data forgery, replay attacks, and data injection attacks.

Wearable devices are emerging as effective modalities for the collection of individuals’ data. While this data can be leveraged for use in several areas ranging from health-care to crime investigation, storing and securely accessing such information while preserving privacy and detecting any tampering attempts are significant challenges. This paper describes a decentralized system that ensures an individual’s privacy, maintains an immutable log of any data access, and provides decentralized access control management. Our proposed framework uses a custom permissioned blockchain protocol to securely log data transactions from wearable devices in the blockchain ledger. We have implemented a proof-of-concept for our framework, and our preliminary evaluation is summarized to demonstrate our proposed framework’s capabilities. We have also discussed various application scenarios of our privacy-preserving model using blockchain and proof-of-authority. Our research aims to detect data tampering attempts in data sharing scenarios using a thorough transaction log model.

The federated learning scheme enhances the privacy preservation through avoiding the private data uploading in cloud-edge computing. However, the attacks against the uploaded model updates still cause private data leakage which demotivates the privacy-sensitive participating edge devices. Facing this issue, we aim to design a privacy-preserving incentive mechanism for the federated cloud-edge learning (PFCEL) system such that 1) the edge devices are motivated to actively contribute to the updated model uploading, 2) a trade-off between the private data leakage and the model accuracy is achieved. We formulate the incentive design problem as a three-layer Stackelberg game, where the server-device interaction is further formulated as a contract design problem. Extensive numerical evaluations demonstrate the effectiveness of our designed mechanism in terms of privacy preservation and system utility.

With the popularization of mobile communication and sensing equipment, as well as the rapid development of location-aware technology and wireless communication technology, LBSs(Location-based services) bring convenience to people’s lives and enable people to arrange activities more efficiently and reasonably. It can provide more flexible LBS proximity detection query, which has attracted widespread attention in recent years. However, the development of proximity detection query still faces many severe challenges including query information privacy. For example, when users want to ensure their location privacy and data security, they can get more secure location-based services. In this article, we propose an efficient and privacy-protecting proximity detection framework based on location services: PD(Proximity Detection). Through PD, users can query the range of arbitrary polygons and obtain accurate LBS results. Specifically, based on homomorphic encryption technology, an efficient PRQ(polygon range query) algorithm is constructed. With the help of PRQ, PD, you can obtain accurate polygon range query results through the encryption request and the services provided by the LAS(LBS Agent Server) and the CS(Cloud Server). In addition, the query privacy of the queryer and the information of the data provider are protected. The correctness proof and performance analysis show that the scheme is safe and feasible. Therefore, our scheme is suitable for many practical applications.

Cyber-Physical Systems (CPS) underpin global critical infrastructure, including power, water, gas systems and smart grids. CPS, as a technology platform, is unique as a target for Advanced Persistent Threats (APTs), given the potentially high impact of a successful breach. Additionally, CPSs are targets as they produce significant amounts of heterogeneous data from the multitude of devices and networks included in their architecture. It is, therefore, essential to develop efficient privacy-preserving techniques for safeguarding system data from cyber attacks. This paper introduces a comprehensive review of the current privacy-preserving techniques for protecting CPS systems and their data from cyber attacks. Concepts of Privacy preservation and CPSs are discussed, demonstrating CPSs' components and the way these systems could be exploited by either cyber and physical hacking scenarios. Then, classification of privacy preservation according to the way they would be protected, including perturbation, authentication, machine learning (ML), cryptography and blockchain, are explained to illustrate how they would be employed for data privacy preservation. Finally, we show existing challenges, solutions and future research directions of privacy preservation in CPSs.

In this paper, we propose a scheme that supports statistic query and authorized access control on an Encrypted Electronic Medical Records Databases(EMDB). Different from other schemes, it is based on Differential-Privacy(DP), which can protect the privacy of patients. By deploying an improved Multi-Authority Attribute-Based Encryption(MA-ABE) scheme, all authorities can distribute their search capability to clients under different authorities without additional negotiations. To our best knowledge, there are few studies on statistical queries on encrypted data. In this work, we consider that support differentially-private statistical queries. To improve search efficiency, we leverage the Bloom Filter(BF) to judge whether the keywords queried by users exists. Finally, we use experiments to verify and evaluate the feasibility of our proposed scheme.

The Internet of Things (IoT) paradigm has been proposed in the last few years with the goal of addressing technical problems in fields such as home and industrial automation, smart lighting systems and traffic monitoring. However, due to the very nature of the IoT devices (generally low-powered and often lacking strong security functionalities), typical deployments pose a great risk in terms of security and privacy. In this respect, the utilization of both a Trusted Execution Environment (TEE) and a Trusted Platform Module (TPM) can serve as a countermeasure against typical attacks. Furthermore, these functional blocks can serve as safe key storage services and provide a robust secure boot implementation and a firmware update mechanism, thus ensuring run-time authentication and integrity. The Common Criteria for Information Technology Security Evaluation allows to determine the degree of attainment of precise security properties in a product. The main objective of this work is to identify, propose and compose bricks of protection profile (PP), as defined by Common Criteria, that are applicable to secure IoT architectures. Moreover, it aims at giving some guiding rules and facilitate future certifications of components and/or their composition. Finally, it also provides a structure for a future methodology of assessment for IoT devices.

This prototype demonstrates the viability of manipulating both physical and virtual objects with the same tool in order to maintain object permanence across both modes of interaction. Using oppositional force feedback, provided by a servo, and an augmented visual interface, provided by the user’s smartphone, this tool simulates the look and feel of a physical object within an augmented environment. Additionally, the tool is also able to manipulate physical objects that are not part of the augmented reality, such as a physical nut. By integrating both modes of interaction into the same tool, users can fluidly move between these different modes of interaction, manipulating both physical and virtual objects as the need arises. By overlaying this kind of visual and haptic augmentation onto a common tool such as a pair of pliers, we hope to further explore scenarios for collaborative telepresence in future work.

A standard requirement for a signature scheme is that it is existentially unforgeable under chosen message attacks (EUF-CMA), alongside other properties of interest such as strong unforgeability (SUF-CMA), and resilience against key substitution attacks.Remarkably, no detailed proofs have ever been given for these security properties for EdDSA, and in particular its Ed25519 instantiations. Ed25519 is one of the most efficient and widely used signature schemes, and different instantiations of Ed25519 are used in protocols such as TLS 1.3, SSH, Tor, ZCash, and WhatsApp/Signal. The differences between these instantiations are subtle, and only supported by informal arguments, with many works assuming results can be directly transferred from Schnorr signatures. Similarly, several proofs of protocol security simply assume that Ed25519 satisfies properties such as EUF-CMA or SUF-CMA.In this work we provide the first detailed analysis and security proofs of Ed25519 signature schemes. While the design of the schemes follows the well-established Fiat-Shamir paradigm, which should guarantee existential unforgeability, there are many side cases and encoding details that complicate the proofs, and all other security properties needed to be proven independently.Our work provides scientific rationale for choosing among several Ed25519 variants and understanding their properties, fills a much needed proof gap in modern protocol proofs that use these signatures, and supports further standardisation efforts.

Recent advancements of spatial audio technologies to enhance human’s emotional and immersive experiences are gathering attention. Many studies are clarifying the neural mechanisms of acoustic spatial perception; however, they are limited to the evaluation of mechanisms using basic sound stimuli. Therefore, it remains challenging to evaluate the experience of actual music contents and to verify the effects of higher-order neurophysiological responses including a sense of immersive and realistic experience. To investigate the effects of spatial audio experience, we verified the psychophysiological responses of immersive spatial audio experience using sound field synthesis (SFS) technology. Specifically, we evaluated alpha power as the central nervous system activity, heart rate/heart rate variability and skin conductance as the autonomic nervous system activity during an acoustic experience of an actual music content by comparing stereo and SFS conditions. As a result, statistically significant differences (p \textbackslashtextless 0.05) were detected in the changes in alpha wave power, high frequency wave power of heart rate variability (HF), and skin conductance level (SCL) among the conditions. The results of the SFS condition showed enhanced the changes in alpha power in the frontal and parietal regions, suggesting enhancement of emotional experience. The results of the SFS condition also suggested that close objects are grouped and perceived on the basis of the spatial proximity of sounds in the presence of multiple sound sources. It is demonstrating that the potential use of SFS technology can enhance emotional and immersive experiences by spatial acoustic expression.

The cloud infrastructure is not new to the society from past one decade. But even in recent time, the companies started migrating from local services to cloud services for better connectivity and for other requirements, this is due to companies financial limitations on existing infrastructure, they are migrating to less cost and hire and fire support based cloud infrastructures. But the proposed cloud infrastructure require security on event logs accessed by different end users on the cloud environment. To adopt the security on local services to cloud service based infrastructure, it need better identify management between end users. Therefore this paper presents the related works of user identity as a service for each user involving in cloud service and the accessing permission and protection will be monitored and controlled by the cloud security infrastructures.

Service workers boost the user experience of modern web applications by taking advantage of the Cache API to improve responsiveness and support offline usage. In this paper, we present the first security analysis of the threats posed by this programming practice, identifying an attack with major security implications. In particular, we show how a traditional XSS attack can abuse the Cache API to escalate into a personin-the-middle attack against cached content, thus compromising its confidentiality and integrity. Remarkably, this attack enables new threats which are beyond the scope of traditional XSS. After defining the attack, we study its prevalence in the wild, finding that the large majority of the sites which register service workers using the Cache API are vulnerable as long as a single webpage in the same origin of the service worker is affected by an XSS. Finally, we propose a browser-side countermeasure against this attack, and we analyze its effectiveness and practicality in terms of security benefits and backward compatibility with existing web applications.

Service workers boost the user experience of modern web applications by taking advantage of the Cache API to improve responsiveness and support offline usage. In this paper, we present the first security analysis of the threats posed by this programming practice, identifying an attack with major security implications. In particular, we show how a traditional XSS attack can abuse the Cache API to escalate into a personin-the-middle attack against cached content, thus compromising its confidentiality and integrity. Remarkably, this attack enables new threats which are beyond the scope of traditional XSS. After defining the attack, we study its prevalence in the wild, finding that the large majority of the sites which register service workers using the Cache API are vulnerable as long as a single webpage in the same origin of the service worker is affected by an XSS. Finally, we propose a browser-side countermeasure against this attack, and we analyze its effectiveness and practicality in terms of security benefits and backward compatibility with existing web applications.

The development of artificial intelligence will certainly fundamentally change the pattern of human work. With the promotion of top-level strategies, vocational education can only develop sustainably by integrating with science and technology. Artificial intelligence is a branch of computer science that studies the basic theories, methods and techniques of how to apply computer hardware and software to simulate certain intelligent human behaviors. Artificial intelligence applied to vocational education mainly focuses on resource network technology and integrated distributed intelligent system, which organically integrates various different expert systems (ES), management information systems (MIS), intelligent networks, decision support systems (DSS), databases, numerical computing packages and graphics processing programs to solve complex problems. Artificial intelligence will certainly empower vocational education and give rise to a vocational education revolution. In the process of continuous improvement of AI, it is a more practical approach to apply various already mature AI technologies to vocational education practice. Establishing an intelligent vocational education ecology enables traditional education and AI to complement each other's advantages and jointly promote the healthy and sustainable development of vocational education ecology.

This paper proposes an image encryption technology based on six-dimensional hyperchaotic system and DNA encoding, in order to solve the problem of low security in existing image encryption algorithms. First of all, the pixel values of the R, G, and B channels are divided into blocks and zero-filled. Secondly, the chaotic sequence generated by the six-dimensional hyperchaotic system and logistic mapping is used for DNA coding and DNA operations. Third, the decoded three-channel pixel values are scrambled through diagonal traversal. Finally, merge the channels to generate a ciphertext image. According to simulation experiments and related performance analysis, the algorithm has high security performance, good encryption and decryption effects, and can effectively resist various common attack methods.

With the rapid development of the internet of things and cloud computing, users can instantly transmit a large amount of data to various fields, with the development of communication technology providing convenience for people's life, information security is becoming more and more important. Therefore, it is of great significance to study the technology of image hiding information detection. This paper mainly uses the support vector machine learning algorithm to detect the hidden information of the image, based on a standard image library, randomly selecting images for embedding secret information. According to the bit-plane correlation and the gradient energy change of a single bit-plane after encryption of an image LSB matching algorithm, gradient energy change is selected as characteristic change, and the gradient energy change is innovatively applied to a support vector machine classifier algorithm, and has very good detection effect and good stability on the dense image with the embedding rate of more than 40 percent.

In order to improve the big data management ability of IOT access control based on converged network structure, a security integration model of IOT access control based on machine learning and converged network structure is proposed. Combined with the feature analysis method, the storage structure allocation model is established, the feature extraction and fuzzy clustering analysis of big data are realized by using the spatial node rotation control, the fuzzy information fusion parameter analysis model is constructed, the frequency coupling parameter analysis is realized, the virtual inertia parameter analysis model is established, and the integrated processing of big data is realized according to the machine learning analysis results. The test results show that the method has good clustering effect, reduces the storage overhead, and improves the reliability management ability of big data.

Demand-side management (DSM) plays a significant function in the smart distribution system to make informed decisions from both the consumer and supplier side with regards to energy consumption to redesign the load profile and to decrease the peak load demand. This study extensively reviews the demand-side management (DSM) strategies along with both demand response and energy efficiency policies. The major objective of this paper is to enumerate the relevant features responsible to strengthen the DSM effectively, particularly for residential energy demand and the limits to energy indicators. Secondly, the large untapped and hidden potential and the associated barriers to energy efficiency enhancement are focused and surveyed for formulating a better number of potential policy responses. This further explores the portfolio approach with bundled strategies to reflect on the power market through enhancing the strength of individual residential measures through complementary policies to reduce the weaknesses. This concludes at last with the findings of possible holistic measures related to various approaches and attributes findings that reinforce the DSM strategies to enhance energy management and cost-effectiveness. Apart from that the architecture, formulation of optimization problems, and various approaches are presented to help the readers to develop research in this direction to maximize the total system peak demand, overall load factor, and utility revenue with the minimized customer electric bill.

Federated Learning (FL) is a multiparty learning computing approach that can aid privacy-preservation machine learning. However, FL has several potential security and privacy threats. First, the existing FL requires a central coordinator for the learning process which brings a single point of failure and trust issues for the shared trained model. Second, during the learning process, intentionally unreliable model updates performed by Byzantine colluding parties can lower the quality and convergence of the shared ML models. Therefore, discovering verifiable local model updates (i.e., integrity or correctness) and trusted parties in FL becomes crucial. In this paper, we propose a resilient and verifiable FL algorithm based on a reputation scheme to cope with unreliable parties. We develop a selection algorithm for task publisher and blockchain-based multiparty learning architecture approach where local model updates are securely exchanged and verified without the central party. We also proposed a novel auditing scheme to ensure our proposed approach is resilient up to 50% Byzantine colluding attack in a malicious scenario.

For systems with order of dynamics higher than two and oscillating loads with low damping, a non-collocation of the sensing and control can deteriorate robustness of the feedback and, in worst case, even bring it to instability. Furthermore, for a contactless sensing of the oscillating mechanical load, like in the system under investigation, the control structure is often restricted to the single proportional feedback only. This paper proposes a novel robust feedback control scheme for a low-damped fourth-order system using solely the measured load displacement. For reference tracking, the loop shaping design relies on a band reject filter, while the plant uncertainties are used as robustness measure for determining the feedback gain. Since prime uncertainties are due to the stiffness of elastic link, correspondingly connecting spring, and due to the gain of actuator transducer, the loop sensitivity function with additive plant variation is used for robustness measure. In order to deal with unknown disturbances, which are inherently exciting the load oscillations independently of the loop shaping performance, an output delay-based compensator is proposed as a second control-degree-of-freedom. That one requires an estimate of the load oscillation frequency only and does not affect the shaped open-loop behavior, correspondingly sensitivity function. An extensive numerical setup of the modeled system, a two-mass oscillator with contactless sensing of the load under gravity and low damping of the connecting spring, is used for the control evaluation and assessment of its robustness.

Cloud-based enterprise search services (e.g., AWS Kendra) have been entrancing big data owners by offering convenient and real-time search solutions to them. However, the problem is that individuals and organizations possessing confidential big data are hesitant to embrace such services due to valid data privacy concerns. In addition, to offer an intelligent search, these services access the user’s search history that further jeopardizes his/her privacy. To overcome the privacy problem, the main idea of this research is to separate the intelligence aspect of the search from its pattern matching aspect. According to this idea, the search intelligence is provided by an on-premises edge tier and the shared cloud tier only serves as an exhaustive pattern matching search utility. We propose Smartness at Edge (SAED mechanism that offers intelligence in the form of semantic and personalized search at the edge tier while maintaining privacy of the search on the cloud tier. At the edge tier, SAED uses a knowledge-based lexical database to expand the query and cover its semantics. SAED personalizes the search via an RNN model that can learn the user’s interest. A word embedding model is used to retrieve documents based on their semantic relevance to the search query. SAED is generic and can be plugged into existing enterprise search systems and enable them to offer intelligent and privacy-preserving search without enforcing any change on them. Evaluation results on two enterprise search systems under real settings and verified by human users demonstrate that SAED can improve the relevancy of the retrieved results by on average ≈24% for plain-text and ≈75% for encrypted generic datasets.

Since a training system using VR can reproduce an actual training environment, training systems have been studied in commercial fields such as medical care and construction. This immersive experience in a virtual space can have a great effect on learning a second language. In this paper, we propose an immersive learning system that learns phrases used in the customer service industry in the customer service experience. We asked the subjects to experience the system, measured the effects of learning, and evaluated the system. Evaluating the learning effect of phrases used in customer service English on 8 students, all student achieved good learning results. Besides, to evaluate the usability of the system, the VR system was evaluated by performing SSQ to measure VR sickness shows this system doesn't cause virtual sickness, SUS to measure usability shows this system evaluation is higher than average system, and IPQ to measure presence in an immersive space shows this system gives average virtual reality experience.

Integrity verification of cloud data is of great importance for secure and effective cloud storage since attackers can change the data even though it is encrypted. Traditional integrity verification schemes only let the client know the integrity status of the remote data. When the data is corrupted, the system cannot hold the server accountable. Besides, almost all existing schemes assume that the users are credible. Instead, especially in a dynamic operation environment, users can deny their behaviors, and let the server bear the penalty of data loss. To address the issues above, we propose an accountable dynamic storage integrity verification (ADS-IV) scheme which provides means to detect or eliminate misbehavior of all participants. In the meanwhile, we modify the Invertible Bloom Filter (IBF) to recover the corrupted data and use the Mahalanobis distance to calculate the degree of damage. We prove that our scheme is secure under Computational Diffie-Hellman (CDH) assumption and Discrete Logarithm (DL) assumption and that the audit process is privacy-preserving. The experimental results demonstrate that the computational complexity of the audit is constant; the storage overhead is \$O(\textbackslashtextbackslashsqrt n )\$, which is only 1/400 of the size of the original data; and the whole communication overhead is O(1).As a result, the proposed scheme is not only suitable for large-scale cloud data storage systems, but also for systems with sensitive data, such as banking systems, medical systems, and so on.

Zero- Knowledge Proof is a cryptographic protocol exercised to render privacy and data security by securing the identity of users and using services anonymously. It finds numerous applications; authentication is one of them. A Zero-Knowledge Proof-based authentication system is discussed in this paper. Advanced Encryption Standard (AES) and Secure Remote Password (SRP) protocol have been used to design and build the ZKP based authentication system. SRP is a broadly used Password Authenticated Key Exchange (PAKE) protocol. The proposed method overcomes several drawbacks of traditional and commonly used authentication systems such as a simple username and plaintext password-based system, multi-factor authentication system and others.