Biblio

The use of wireless connectivity has increased exponentially in recent years. Fifth generation (5G) communications will soon be deployed worldwide. Six-generation (6G) communications vision and planning have begun, and the use of 6G communications is expected to begin in the 2030s. The 6G system has higher capacity, higher data rates, lower latency, higher security and better quality of service (QoS) compared to the 5G system. This paper presents a brief overview on the vision and requirements of 6G wireless communications and networks. Finally, some of the challenges in launching the 6G are also explained.

Data privacy has been an important area of research in recent years. Dataset often consists of sensitive data fields, exposure of which may jeopardize interests of individuals associated with the data. In order to resolve this issue, privacy techniques can be used to hinder the identification of a person through anonymization of the sensitive data in the dataset to protect sensitive information, while the anonymized dataset can be used by the third parties for analysis purposes without obstruction. In this research, we investigated a privacy technique, k-anonymity for different values of on different number columns of the dataset. Next, the information loss due to k-anonymity is computed. The anonymized files go through the classification process by some machine-learning algorithms i.e., Naive Bayes, J48 and neural network in order to check a balance between data anonymity and data utility. Based on the classification accuracy, the optimal values of and are obtained, and thus, the optimal and can be used for k-anonymity algorithm to anonymize optimal number of columns of the dataset.

With the advent of Industry 4.0, the Internet of Things (IoT) and Artificial Intelligence (AI), smart entities are now able to read the minds of users via extracting cognitive patterns from electroencephalogram (EEG) signals. Such brain data may include users' experiences, emotions, motivations, and other previously private mental and psychological processes. Accordingly, users' cognitive privacy may be violated and the right to cognitive privacy should protect individuals against the unconsented intrusion by third parties into the brain data as well as against the unauthorized collection of those data. This has caused a growing concern among users and industry experts that laws to protect the right to cognitive liberty, right to mental privacy, right to mental integrity, and the right to psychological continuity. In this paper, we propose an AI-enabled EEG model, namely Cognitive Privacy, that aims to protect data and classifies users and their tasks from EEG data. We present a model that protects data from disclosure using normalized correlation analysis and classifies subjects (i.e., a multi-classification problem) and their tasks (i.e., eye open and eye close as a binary classification problem) using a long-short term memory (LSTM) deep learning approach. The model has been evaluated using the EEG data set of PhysioNet BCI, and the results have revealed its high performance of classifying users and their tasks with achieving high data privacy.

The Internet has changed business, education, healthcare, banking etc. and it is the main part of technological evolution. Internet provides us a connecting world to perform our day to day life activities easily. Internet is designed in such a way that it can uniquely identify machine, not a person, on the network hence there is need to design a system that can perform entity identification on the Internet. Currently on Internet, service providers provide identity of a user with user name and password and store this information on a centralized server. These servers become honey pot for hackers to steal user’s personal identity information and service provider can utilize user identity information using data mining, artificial intelligence for economic benefits. Aim of Self sovereign identity system is to provide decentralized, user centric identity system which is controlled by identity owner that can be developed along with distributed ledger technology i.e. blockchain. In this paper, we intend to make an exhaustive study on different blockchain based self sovereign identity implementations (such as Sovrin, Uport, EverID, LifeID, Sora, SelfKey) along with its architectural components and discuss about use case of self sovereign identity.

The dummy-based method has been commonly used to protect the users location privacy in location-based services, since it can provide precise results and generally do not rely on a third party or key sharing. However, the close spatiotemporal correlation between the consecutively reported locations enables the adversary to identify some dummies, which lead to the existing dummy-based schemes fail to protect the users location privacy completely. To address this limit, this paper proposes a new algorithm to produce dummy location by generating dummy trajectory, which naturally takes into account of the spatiotemporal correlation all round. Firstly, the historical trajectories similar to the user's travel route are chosen as the dummy trajectories which depend on the distance between two trajectories with the help of home gateway. Then, the dummy is generated from the dummy trajectory by taking into account of time reachability, historical query similarity and the computation of in-degree/out-degree. Security analysis shows that the proposed scheme successfully perturbs the spatiotemporal correlation between neighboring location sets, therefore, it is infeasible for the adversary to distinguish the users real location from the dummies. Furthermore, extensive experiments indicate that the proposal is able to protect the users location privacy effectively and efficiently.

This paper studies initial-value privacy problems of linear dynamical systems. We consider a standard linear time-invariant system with random process and measurement noises. For such a system, eavesdroppers having access to system output trajectories may infer the system initial states, leading to initial-value privacy risks. When a finite number of output trajectories are eavesdropped, we consider a requirement that any guess about the initial values can be plausibly denied. When an infinite number of output trajectories are eavesdropped, we consider a requirement that the initial values should not be uniquely recoverable. In view of these two privacy requirements, we define differential initial-value privacy and intrinsic initial-value privacy, respectively, for the system as metrics of privacy risks. First of all, we prove that the intrinsic initial-value privacy is equivalent to unobservability, while the differential initial-value privacy can be achieved for a privacy budget depending on an extended observability matrix of the system and the covariance of the noises. Next, the inherent network nature of the considered linear system is explored, where each individual state corresponds to a node and the state and output matrices induce interaction and sensing graphs, leading to a network system. Under this network system perspective, we allow the initial states at some nodes to be public, and investigate the resulting intrinsic initial- value privacy of each individual node. We establish necessary and sufficient conditions for such individual node initial-value privacy, and also prove that the intrinsic initial-value privacy of individual nodes is generically determined by the network structure.

With the development of technology, application of the Internet in daily life is increasing, making our connection with the Internet closer. However, with the improvement of convenience, information security has become more and more important. How to ensure information security in a convenient living environment is a question worth discussing. For instance, the widespread deployment of IP-cameras has made great progress in terms of convenience. On the contrary, it increases the risk of privacy exposure. Poorly designed surveillance devices may be implanted with suspicious software, which might be a thorny issue to human life. To effectively identify vulnerable devices, we design an SDN-based identification system that uses machine learning technology to identify brands and probable model types by identifying packet features. The identifying results make it possible for further vulnerability analysis.

One of the most important information in Wireless Sensor Networks (WSNs) is the location of each sensor node. This kind of information is very attractive to attackers for real position exposure of nodes making the whole network vulnerable to different kinds of attacks. According to WSNs privacy, there are two types of threats affect the network: Contextual and Content privacy. In this work, we study contextual privacy, where an eavesdropper tries to find the location of the source or sink node. We propose a Multi-Sinks Cluster-Based Location Privacy Protection (MSCLP) scheme in WSNs that divides the WSN into clusters, each cluster managed by one cluster head (CH). Each CH sends random fake packets in a loop then sends the real packet to the neighbor's CHs using a dynamic routing method to confuse the attacker from tracing back the real packet to reveal the actual location of the source node, we are taking in our consideration two important metrics: the energy consumption, and the delay.

In decision-making problems, the actions of an agent may reveal sensitive information that drives its decisions. For instance, a corporation's investment decisions may reveal its sensitive knowledge about market dynamics. To prevent this type of information leakage, we introduce a policy synthesis algorithm that protects the privacy of the transition probabilities in a Markov decision process. We use differential privacy as the mathematical definition of privacy. The algorithm first perturbs the transition probabilities using a mechanism that provides differential privacy. Then, based on the privatized transition probabilities, we synthesize a policy using dynamic programming. Our main contribution is to bound the "cost of privacy," i.e., the difference between the expected total rewards with privacy and the expected total rewards without privacy. We also show that computing the cost of privacy has time complexity that is polynomial in the parameters of the problem. Moreover, we establish that the cost of privacy increases with the strength of differential privacy protections, and we quantify this increase. Finally, numerical experiments on two example environments validate the established relationship between the cost of privacy and the strength of data privacy protections.

Cloud computing provides an open architecture and resource sharing computing platform with pay-per-use model. It is now a popular computing platform and most of the new internet based computing services are on this innovation supported environment. We consider it as innovation supported because developers are more focused here on the service design, rather on arranging the infrastructure, network, management of the resources, etc. These all things are available in cloud computing on hired basis. Now, a big question arises here is the security of data or privacy of data because the service provider is already using the infrastructure, network, storage, processors, and other more resources from the third party. So, the security or privacy of the portable user's data is the main motivation for writing this research paper. In this paper, we are proposing an innovative perturbation algorithm MAP() to secure the portable user's data on the cloud server.

The most significant motivation behind calculations in data mining will play out excavation on incomprehensible past examples since the extremely large data size. During late occasions there are numerous phenomenal improvements in data assembling because of the advancement in the field of data innovation. Lately, Privacy issues in data Preservation didn't get a lot of consideration in the process mining network; nonetheless, a few protection safeguarding procedures in data change strategies have been proposed in the data mining network. There are more normal distinction between data mining and cycle mining exist yet there are key contrasts that make protection safeguarding data mining methods inadmissible to mysterious cycle data. Results dependent on the data mining calculation can be utilized in different regions, for example, Showcasing, climate estimating and Picture Examination. It is likewise uncovered that some delicate data has a result of the mining calculation. Here we can safeguard the Privacy by utilizing PPT (Privacy Preservation Techniques) strategies. Important Concept in data mining is privacy preservation Techniques (PPT) because data exchanged between different persons needs security, so that other persons didn't know what actual data transferred between the actual persons. Preservation in data mining deals that not showing the output information / data in the data mining by using various methods while the output data is precious. There are two techniques used for privacy preservation techniques. One is to alter the input information / data and another one is to alter the output information / data. The method is proposed for protection safeguarding in data base environmental factors is data change. This capacity has fuzzy three-sided participation with this strategy for data change to change the first data collection.

The training process of deep learning model is costly. As such, deep learning model can be treated as an intellectual property (IP) of the model creator. However, a pirate can illegally copy, redistribute or abuse the model without permission. In recent years, a few Deep Neural Networks (DNN) IP protection works have been proposed. However, most of existing works passively verify the copyright of the model after the piracy occurs, and lack of user identity management, thus cannot provide commercial copyright management functions. In this paper, a novel user fingerprint management and DNN authorization control technique based on backdoor is proposed to provide active DNN IP protection. The proposed method can not only verify the ownership of the model, but can also authenticate and manage the user's unique identity, so as to provide a commercially applicable DNN IP management mechanism. Experimental results on CIFAR-10, CIFAR-100 and Fashion-MNIST datasets show that the proposed method can achieve high detection rate for user authentication (up to 100% in the three datasets). Illegal users with forged fingerprints cannot pass authentication as the detection rates are all 0 % in the three datasets. Model owner can verify his ownership since he can trigger the backdoor with a high confidence. In addition, the accuracy drops are only 0.52%, 1.61 % and -0.65% on CIFAR-10, CIFAR-100 and Fashion-MNIST, respectively, which indicate that the proposed method will not affect the performance of the DNN models. The proposed method is also robust to model fine-tuning and pruning attacks. The detection rates for owner verification on CIFAR-10, CIFAR-100 and Fashion-MNIST are all 100% after model pruning attack, and are 90 %, 83 % and 93 % respectively after model fine-tuning attack, on the premise that the attacker wants to preserve the accuracy of the model.

Over the years, public health has faced a large number of challenges like COVID-19. Medical cloud computing is a promising method since it can make healthcare costs lower. The computation of health data is outsourced to the cloud server. If the encrypted medical data is not decrypted, it is difficult to search for those data. Many researchers have worked on searchable encryption schemes that allow executing searches on encrypted data. However, many existing works support single-keyword search. In this article, we propose a patient-centered fine-grained attribute-based encryption scheme with multi-keyword search (CP-ABEMKS) for medical cloud computing. First, we leverage the ciphertext-policy attribute-based technique to construct trapdoors. Then, we give a security analysis. Besides, we provide a performance evaluation, and the experiments demonstrate the efficiency and practicality of the proposed CP-ABEMKS.

In this research we propose a framework that will strengthen the IoT devices security from dual perspectives; avoid devices to become attack target as well as a source of an attack. Unlike traditional devices, IoT devices are equipped with insufficient host-based defense system and a continuous internet connection. All time internet enabled devices with insufficient security allures the attackers to use such devices and carry out their attacks on rest of internet. When plethora of vulnerable devices become source of an attack, intensity of such attacks increases exponentially. Mirai was one of the first well-known attack that exploited large number of vulnerable IoT devices, that bring down a large part of Internet. To strengthen the IoT devices from dual security perspective, we propose a two step framework. Firstly, confine the communication boundary of IoT devices; IoT-Sphere. A sphere of IPs that are allowed to communicate with a device. Any communication that violates the sphere will be blocked at the gateway level. Secondly, only allowed communication will be evaluated for potential attacks and anomalies using advance detection engines. To show the effectiveness of our proposed framework, we perform couple of attacks on IoT devices; camera and google home and show the feasibility of IoT-Sphere.

A successful application of an Internet of Things (IoT) based network depends on the accurate and successful delivery of a large amount of data collected from numerous sources. However, the highly dynamic nature of IoT network prevents the establishment of clear security perimeters and hampers the understanding of security aspects. Risk assessment in such networks requires good situational awareness with respect to security. Therefore, a comprehensive view of data propagation including information on security controls can improve security analysis and risk assessment in each layer of data propagation in an IoT architecture. Documentation of metadata is already used in data provenance to identify who generates which data, how, and when. However, documentation of security information is not seen as relevant for data provenance graphs. In this paper, we discuss the importance of adding security metadata in a data provenance graph. We propose a novel IoT Provenance model, Prov-IoT, which documents the history of data records considering data processing and aggregation along with security metadata to enable a foundation for trust in data. The model portrays a comprehensive framework and outlines the identification of information to be included in designing a security-aware provenance graph. This can be beneficial for uncovering system fault or intrusion. Also, it can be useful for decision-based systems for security analysis and risk estimation. We design an associated class diagram for the Prov-IoT model. Finally, we use an IoT healthcare example scenario to demonstrate the impact of the proposed model.

Attribute-based encryption received widespread attention as soon as it was proposed. However, due to its specific characteristics, some restrictions on attribute set are not flexible enough in actual operation. In addition, since access authorities are determined according to users' attributes, users sharing the same attributes are difficult to be distinguished. Once a malicious user makes illicit gains by their decryption authorities, it is difficult to track down specific user. This paper follows practical demands to propose a more flexible key-policy attribute-based encryption scheme with black-box traceability. The scheme has a constant size of public parameters which can be utilized to construct attribute-related parameters flexibly, and the method of traitor tracing in broadcast encryption is introduced to achieve effective malicious user tracing. In addition, the security and feasibility can be proved by the security proofs and performance evaluation in this paper.

Since the last few decades, several chaotic encryption techniques are reported by different researchers. Although the cryptanalysis of some techniques shows the feebler resistance of those algorithms against any weaker attackers. However, different hyper-chaotic based and DNA-coding based encrypting methods are introduced recently. Though, these methods are efficient against several attacks, but, increase complexity as well. On account of these drawbacks, we have proposed a novel technique of chaotic encryption of an image using the integer wavelet transform (IWT) and global bit scrambling (GBS). Here, the image is transformed and decomposed by IWT. Thereafter, a chaotic map is used in the encryption algorithm. A key-dependent bit scrambling (GBS) is introduced rather than pixel scrambling to make the encryption stronger. It enhances key dependency along with the increased resistance against intruder attacks. To check the fragility and dependability of the algorithm, a sufficient number of tests are done, which have given reassuring results. Some tests are done to check the similarity between the original and decrypted image to ensure the excellent outcome of the decryption algorithm. The outcomes of the proposed algorithm are compared with some recent works' outputs to demonstrate its eligibility.

Image steganography is the operation of hiding a message into a cover image. the message can be text, codes, or image. Hiding an image into another is the proposed approach in this paper. Based on LSB coding, a k-LSB-based method is proposed using k least bits to hide the image. For decoding the hidden image, a region detection operation is used to know the blocks contains the hidden image. The resolution of stego image can be affected, for that, an image quality enhancement method is used to enhance the image resolution. To demonstrate the effectiveness of the proposed approach, we compare it with some of the state-of-the-art methods.

With fast turn of events and development of the web, malware is one of major digital dangers nowadays. Henceforth, malware detection is an important factor in the security of computer systems. Nowadays, attackers generally design polymeric malware [1], it is usually a type of malware [2] that continuously changes its recognizable feature to fool detection techniques that uses typical signature based methods [3]. That is why the need for Machine Learning based detection arises. In this work, we are going to obtain behavioral-pattern that may be achieved through static or dynamic analysis, afterward we can apply dissimilar ML techniques to identify whether it's malware or not. Behavioral based Detection methods [4] will be discussed to take advantage from ML algorithms so as to frame social-based malware recognition and classification model.

In the past few years, the malware industry has been thriving. Malware variants among the same malware family shared similar behavioural patterns or signatures reflecting their purpose. We propose an approach that combines support vector machine (SVM) classifiers and active learning by learning (ALBL) techniques to deal with insufficient labeled data in terms of the malware classification tasks. The proposed approach is evaluated with the malware family dataset from Microsoft Malware Classification Challenge (BIG 2015) on Kaggle. The results show that ALBL techniques can effectively boost the performance of our machine learning models and improve the quality of labeled samples.

Since trajectory data is widely collected and utilized for scientific research and business purpose, publishing trajectory without proper privacy-policy leads to an acute threat to individual data. Recently, several methods, i.e., k-anonymity, l-diversity, t-closeness have been studied, though they tend to protect by reducing data depends on a feature of each method. When a strong privacy protection is required, these methods have excessively reduced data utility that may affect the result of scientific research. In this research, we suggest a novel approach to tackle this existing dilemma via an adding noise trajectory on a vector-based grid environment.

Fake source packet routing protocols can ensure Source Location Privacy (SLP) protection. However, the protocols have demonstrated some performance limitations including high energy consumption, low packet delivery ratio (PDR), and long end-to-end delay (EED). In this study, a 2-level phantom routing protocol is proposed to address some limitations of an existing fake source packet routing protocol. The proposed protocol supplants the fake source packets with a random second level phantom node to alleviate the limitations. Analysis results confirm that the proposed protocol is capable of achieving strong SLP protection with minimized communication overhead. By removing the fake packet traffic in the network, the protocol incurs minimized energy consumption, maximized PDR, and minimized EED.

As the number of data in various industries and government sectors is growing exponentially, the `7V' concept of big data aims to create a new value by indiscriminately collecting and analyzing information from various fields. At the same time as the ecosystem of the ICT industry arrives, big data utilization is treatened by the privacy attacks such as infringement due to the large amount of data. To manage and sustain the controllable privacy level, there need some recommended de-identification techniques. This paper exploits those de-identification processes and three types of commonly used privacy models. Furthermore, this paper presents use cases which can be adopted those kinds of technologies and future development directions.

Preserving medical data is of utmost importance to stake holders. There are not many laws in India about preservation, usability of patient records. When data is transmitted across the globe there are chances of data getting tampered intentionally or accidentally. Tampered data loses its authenticity for diagnostic purpose, research and various other reasons. This paper proposes an authenticity based ECDSA algorithm by signature verification to identify the tampering of medical image files and alerts by the rules of authenticity. The algorithm can be used by researchers, doctors or any other educated person in order to maintain the authenticity of the record. Presently it is applied on medical related image files like DICOM. However, it can support any other medical related image files and still preserve the authenticity.

Authenticating a person's identity has always been a challenge. While attempts are being made by government agencies to address this challenge, the citizens are being exposed to a new age problem of Identity management. The sharing of photocopies of identity cards in order to prove our identity is a common sight. From score-card to Aadhar-card, the details of our identity has reached many unauthorized hands during the years. In India the identity thefts accounts for 77% [1] of the fraud cases, and the threats are trending. Programs like e-Residency by Estonia[2], Bitnation using Ethereum[3] are being devised for an efficient Identity Management. Even the US Home Land Security is funding a research with an objective of “Design information security and privacy concepts on the Blockchain to support identity management capabilities that increase security and productivity while decreasing costs and security risks for the Homeland Security Enterprise (HSE).” [4] This paper will discuss the challenges specific to India around Identity Management, and the possible solution that the Distributed ledger, hashing algorithms and smart contracts can offer. The logic of hashing the personal data, and controlling the distribution of identity using public-private keys with Blockchain technology will be discussed in this paper.