Biblio

Since trajectory data is widely collected and utilized for scientific research and business purpose, publishing trajectory without proper privacy-policy leads to an acute threat to individual data. Recently, several methods, i.e., k-anonymity, l-diversity, t-closeness have been studied, though they tend to protect by reducing data depends on a feature of each method. When a strong privacy protection is required, these methods have excessively reduced data utility that may affect the result of scientific research. In this research, we suggest a novel approach to tackle this existing dilemma via an adding noise trajectory on a vector-based grid environment.

To improve dynamic updating of privacy protected data release caused by multidimensional sensitivity attribute privacy differences in relational data, we propose a dynamic updating method for privacy protection data release based on the multidimensional privacy differences. By adopting the multi-sensitive bucketization technology (MSB), this method performs quantitative classification of the multidimensional sensitive privacy difference and the recorded value, provides the basic updating operation unit, and thereby realizes dynamic updating of privacy protection data release based on the privacy difference among relational data. The experiment confirms that the method can secure the data updating efficiency while ensuring the quality of data release.

Based on the analysis of the difficulties and pain points of privacy protection in the opening and sharing of government data, this paper proposes a new method for intelligent discovery and protection of structured and unstructured privacy data. Based on the improvement of the existing government data masking process, this method introduces the technologies of NLP and machine learning, studies the intelligent discovery of sensitive data, the automatic recommendation of masking algorithm and the full automatic execution following the improved masking process. In addition, the dynamic masking and static masking prototype with text and database as data source are designed and implemented with agent-based intelligent masking middleware. The results show that the recognition range and protection efficiency of government privacy data, especially government unstructured text have been significantly improved.

Nowadays, with the diversification and decentralization of energy systems, the energy Internet makes it possible to interconnect distributed energy sources and consumers. In the energy trading market, the traditional centralized model relies entirely on trusted third parties. However, as the number of entities involved in the transactions grows and the forms of transactions diversify, the centralized model gradually exposes problems such as insufficient scalability, High energy consumption, and low processing efficiency. To address these challenges, we propose a secure and efficient energy renewable trading scheme based on blockchain. In our scheme, the electricity market trading model is divided into two levels, which can not only protect the privacy, but also achieve a green computing. In addition, in order to adapt to the relatively weak computing power of the underlying equipment in smart grid, we design a credibility-based equity proof mechanism to greatly improve the system availability. Compared with other similar distributed energy trading schemes, we prove the advantages of our scheme in terms of high operational efficiency and low computational overhead through experimental evaluations. Additionally, we conduct a detailed security analysis to demonstrate that our solution meets the security requirements.

Vehicular Ad-hoc Networks (VANETs) is a traditional mobile ad hoc network (MANET) used on traffic roads and it is a special mobile ad hoc network. As an intelligent transportation system, VANETs can solve driving safety and provide value-added services. Therefore, the application of VANETs can improve the safety and efficiency of road traffic. Location services are in a crucial position for the development of VANETs. VANETs has the characteristics of open access and wireless communication. Malicious node attacks may lead to the leakage of user privacy in VANETs, thus seriously affecting the use of VANETs. Therefore, the location privacy issue of VANETs cannot be ignored. This paper classifies the attack methods in VANETs, and summarizes and compares the location privacy protection techniques proposed in the existing research.

In many applications, source nodes send the sensing information of the monitored objects and the sinks receive the transmitted data. Considering the limited resources of sensor nodes, location privacy preservation becomes an important issue. Although many schemes are proposed to preserve source or sink location security, few schemes can preserve the location security of source nodes and sinks. In order to solve this problem, we propose a novel of multi-branch source location privacy protection method based on random walk. This method hides the location of real source nodes by setting multiple proxy sources. And multiple neighbors are randomly selected by the real source node as receivers until a proxy source receives the packet. In addition, the proxy source is chosen randomly, which can prevent the attacker from obtaining the location-related data of the real source node. At the same time, the scheme sets up a branch interference area around the base station to interfere with the adversary by increasing routing branches. Simulation results describe that our scheme can efficiently protect source and sink location privacy, reduce the communication overhead, and prolong the network lifetime.

With the development of IoT, smart health has significantly improved the quality of people's life. A large amount of smart health monitoring system has been proposed, which provides an opportunity for timely and efficient diagnosis. Nevertheless, most of them ignored the impact of environment on patients' health. Due to the openness of the communication channel, data security and privacy preservation are crucial problems to be solved. In this work, an environment aware privacy-preserving authentication protocol based on the fuzzy extractor and elliptic curve cryptography (ecc) is designed for health monitoring system with mutual authentication and anonymity. Edge computing unit can authenticate all environmental sensors at one time. Fuzzy synthetic evaluation model is utilized to evaluate the environment equality with the patients' temporal health index (THI) as an assessment factor, which can help to predict the appropriate environment. The session key is established for secure communication based on the predicted result. Through security analysis, the proposed protocol can prevent common attacks. Moreover, performance analysis shows that the proposed protocol is applicable for resource-limited smart devices in edge computing health monitoring system.

Wearable smart sensing devices presently become more and more popular in people's daily life, which also brings serious problems related to personal data privacy. In order to provide users better experiences, wearable smart sensing devices are collecting users' personal data all the time and uploading the data to service provider to get computing services, which objectively let service provider master each user's condition and cause a lot of problems such as spam, harassing call, etc. This paper designs a blockchain based scheme to solve such problems by cutting off the association between user identifier and its sensing data from perspective of shielding service providers and adversaries. Firstly, privacy requirements and situations in smart sensing area are reviewed. Then, three key technologies are introduced in the scheme including its theories, purposes and usage. Next, the designed protocol is shown and analyzed in detail. Finally, security analysis and engineering feasibility of the scheme are given. This scheme will give user better experience from privacy protection perspective in smart sensing area.

The increasingly networked human society requires that human beings have a clear understanding and control over the structure, nature and behavior of various social networks. There is a tendency towards privacy in the study of network evolutions because privacy disclosure behavior in the network has gradually developed into a serious concern. For this purpose, we extended information theory and proposed a brand-new concept about so-called “habitual privacy” to quantitatively analyze privacy exposure behavior and facilitate privacy computation. We emphasized that habitual privacy is an inherent property of the user and is correlated with their habitual behaviors. The widely approved driving force in recent modeling complex networks is originated from activity. Thus, we propose the privacy-driven model through synthetically considering the activity impact and habitual privacy underlying the decision process. Privacy-driven model facilitates to more accurately capture highly dynamical network behaviors and figure out the complex evolution process, allowing a profound understanding of the evolution of network driven by privacy.

Trajectory data in the Internet of Things contains many behavioral information of users, and the method of Mix-zone can be used to separate the association among the user's movement trajectories. In this paper, the weighted undirected graph is used to establish a mathematical model for the Mix-zone, and a user flow-based algorithm is proposed to estimate the probability of migration between nodes in the graph. In response to the attack method basing on the migration probability, the traditional Mix-zone is improved. Finally, an algorithms for adaptively building enhanced Mix-zone is proposed and the simulation using real data sets shows the superiority of the algorithm.

Control algorithms, like model predictive control, can be computationally expensive and may benefit from being executed over the cloud. This is especially the case for nodes at the edge of a network since they tend to have reduced computational capabilities. However, control over the cloud requires transmission of sensitive data (e.g., system dynamics, measurements) which undermines privacy of these nodes. When choosing a method to protect the privacy of these data, efficiency must be considered to the same extent as privacy guarantees to ensure adequate control performance. In this paper, we review a transformation-based method for protecting privacy, previously introduced by the authors, and quantify the level of privacy it provides. Moreover, we also consider the case of adversaries with side knowledge and quantify how much privacy is lost as a function of the side knowledge of the adversary.

Big data will bring revolutionary changes from life to thinking for society as a whole. At the same time, the massive data and potential value of big data are subject to many security risks. Aiming at the above problems, a data privacy protection model for big data platform is proposed. First, the data privacy protection model of big data for data owners is introduced in detail, including protocol design, logic design, complexity analysis and security analysis. Then, the query privacy protection model of big data for ordinary users is introduced in detail, including query protocol design and query mode design. Complexity analysis and safety analysis are performed. Finally, a stand-alone simulation experiment is built for the proposed privacy protection model. Experimental data is obtained and analyzed. The feasibility of the privacy protection model is verified.

With the development of location technology, location-based services greatly facilitate people's life . However, due to the location information contains a large amount of user sensitive informations, the servicer in location-based services published location data also be subject to the risk of privacy disclosure. In particular, it is more easy to lead to privacy leaks without considering the attacker's semantic background knowledge while the publish sparse location data. So, we proposed semantic k-anonymity privacy protection method to against above problem in this paper. In this method, we first proposed multi-user compressing sensing method to reconstruct the missing location data . To balance the availability and privacy requirment of anonymity set, We use semantic translation and multi-view fusion to selected non-sensitive data to join anonymous set. Experiment results on two real world datasets demonstrate that our solution improve the quality of privacy protection to against semantic attacks.

With the development of artificial intelligence (AI), multimedia privacy issues have become more challenging than ever. AI-assisted malicious entities can steal private information from multimedia data more easily than humans. Traditional multimedia privacy protection only considers the situation when humans are the adversaries, therefore they are ineffective against AI-assisted attackers. In this paper, we develop a new framework and new algorithms that can protect image privacy from both humans and AI. We combine the idea of adversarial image perturbation which is effective against AI and the obfuscation technique for human adversaries. Experiments show that our proposed methods work well for all types of attackers.

Although transport agency has employed desensitization techniques to deal with the privacy information when publicizing vehicle license plate recognition (VLPR) data, the adversaries can still eavesdrop on vehicle trajectories by certain means and further acquire the associated person and vehicle information through background knowledge. In this work, a privacy attacking method by using the desensitized VLPR data is proposed to link the vehicle trajectory. First the road average speed is evaluated by analyzing the changes of traffic flow, which is used to estimate the vehicle's travel time to the next VLPR system. Then the vehicle suspicion list is constructed through the time relevance of neighboring VLPR systems. Finally, since vehicles may have the same features like color, type, etc, the target trajectory will be located by filtering the suspected list by the rule of qualified identifier (QI) attributes and closest time method. Based on the Foshan City's VLPR data, the method is tested and results show that correct vehicle trajectory can be linked, which proves that the current VLPR data publication way has the risk of privacy disclosure. At last, the effects of related parameters on the proposed method are discussed and effective suggestions are made for publicizing VLPR date in the future.

Wearable devices can be potentially captured or accessed in an unauthorized manner because of their physical nature. In such cases, they are in white-box attack contexts, where the adversary may have total visibility on the implementation of the built-in cryptosystem, with full control over its execution platform. Dealing with white-box attacks on wearable devices is undoubtedly a challenge. To serve as a countermeasure against threats in such contexts, we propose a lightweight encryption scheme to protect the confidentiality of data against white-box attacks. We constructed the scheme's encryption and decryption algorithms on a substitution-permutation network that consisted of random secret components. Moreover, the encryption algorithm uses random padding that does not need to be correctly decrypted as part of the input. This feature enables non-bijective linear transformations to be used in each encryption round to achieve strong security. The required storage for static data is relatively small and the algorithms perform well on various devices, which indicates that the proposed scheme satisfies the requirements of wearable computing in terms of limited memory and low computational power.

As we all are aware that internet acts as a depository to store cyberspace data and provide as a service to its user. cloud computing is a technology by internet, where a large amount of data being pooled by different users is stored. The data being stored comes from various organizations, individuals, and communities etc. Thus, security and privacy of data is of utmost importance to all of its users regardless of the nature of the data being stored. In this research paper the use of multiple encryption technique outlines the importance of data security and privacy protection. Also, what nature of attacks and issues might arise that may corrupt the data; therefore, it is essential to apply effective encryption methods to increase data security.

Witnessing the increasingly pervasive deployment of security video surveillance systems(VSS), more and more individuals have become concerned with the issues of privacy violations. While the majority of the public have a favorable view of surveillance in terms of crime deterrence, individuals do not accept the invasive monitoring of their private life. To date, however, there is not a lightweight and secure privacy-preserving solution for video surveillance systems. The recent success of blockchain (BC) technologies and their applications in the Internet of Things (IoT) shed a light on this challenging issue. In this paper, we propose a Lightweight, Blockchain-based Privacy protection (Lib-Pri) scheme for surveillance cameras at the edge. It enables the VSS to perform surveillance without compromising the privacy of people captured in the videos. The Lib-Pri system transforms the deployed VSS into a system that functions as a federated blockchain network capable of carrying out integrity checking, blurring keys management, feature sharing, and video access sanctioning. The policy-based enforcement of privacy measures is carried out at the edge devices for real-time video analytics without cluttering the network.

Signal processing in encrypted domain has become an important mean to protect privacy in an untrusted network environment. Due to the limitations of the underlying encryption methods, many useful algorithms that are sophisticated are not well implemented. Considering that QR decomposition is widely used in many fields, in this paper, we propose to implement QR decomposition in homomorphic encrypted domain. We firstly realize some necessary primitive operations in homomorphic encrypted domain, including division and open square operation. Gram-Schmidt process is then studied in the encrypted domain. We propose the implementation of QR decomposition in the encrypted domain by using the secure implementation of Gram-Schmidt process. We conduct experiments to demonstrate the effectiveness and analyze the performance of the proposed outsourced QR decomposition.

Differential privacy is heavily used in privacy protection due to it provides strong protection against private data. The existing differential privacy scheme mainly implements the privacy protection of nodes or edges in the network by perturbing the data query results. Most of them cannot meet the privacy protection requirements of multiple types of information. In order to overcome these issues, a differential privacy security mechanism with average path length (APL) query is proposed in this paper, which realize the privacy protection of both network vertices and edge weights. Firstly, by describing APL, the reasons for choosing this attribute as the query function are analyzed. Secondly, global sensitivity of APL query under the need of node privacy protection and edge-weighted privacy protection is proved. Finally, the relationship between data availability and privacy control parameters in differential privacy is analyzed through experiments.

This paper proposes a new random forest classification algorithm based on differential privacy protection. In order to reduce the impact of differential privacy protection on the accuracy of random forest classification, a hybrid decision tree algorithm is proposed in this paper. The hybrid decision tree algorithm is applied to the construction of random forest, which balances the privacy and classification accuracy of the random forest algorithm based on differential privacy. Experiment results show that the random forest algorithm based on differential privacy can provide high privacy protection while ensuring high classification performance, achieving a balance between privacy and classification accuracy, and has practical application value.

Differential privacy, which is due to its rigorous mathematical proof and strong privacy guarantee, has become a standard for the release of statistics with privacy protection. Recently, a lot of dynamic data publishing algorithms based on differential privacy have been proposed, but most of the algorithms use a native method to allocate the privacy budget. That is, the limited privacy budget is allocated to each time point uniformly, which may result in the privacy budget being unreasonably utilized and reducing the utility of data. In order to make full use of the limited privacy budget in the dynamic data publishing and improve the utility of data publishing, we propose a dynamic data publishing algorithm based on reinforcement learning in this paper. The algorithm consists of two parts: privacy budget allocation and data release. In the privacy budget allocation phase, we combine the idea of reinforcement learning and the changing characteristics of dynamic data, and establish a reinforcement learning model for the allocation of privacy budget. Finally, the algorithm finds a reasonable privacy budget allocation scheme to publish dynamic data. In the data release phase, we also propose a new dynamic data publishing strategy to publish data after the privacy budget is exhausted. Extensive experiments on real datasets demonstrate that our algorithm can allocate the privacy budget reasonably and improve the utility of dynamic data publishing.

Although Vehicle Named Data Network (VNDN) possess the communication benefits of Named Data Network and Vehicle Opportunity Network, it also introduces some new privacy problems, including the identity security of Data Requesters and Data Providers. Data providers in VNDN need to sign data packets directly, which will leak the identity information of the providers, while the vicinity malicious nodes can access the sensitive information of Data Requesters by analyzing the relationship between Data Requesters and the data names in Interest Packages that are sent directly in plaintext. In order to solve the above privacy problems, this paper presents an identity privacy protection strategy for Data Requesters and Data Providers in VNDN. A ring signature scheme is used to hide the correlation between the signature and the data provider and the anonymous proxy idea is used to protect the real identity of the data requester in the proposed strategy. Security Analysis and experiments in the ONE-based VNDN platform indicate that the proposed strategy is effective and practical.

Information Centric Networking (ICN) has been regarded as an ideal architecture for the next-generation network to handle users' increasing demand for content delivery with in-network cache. While making better use of network resources and providing better delivery service, an effective access control mechanism is needed due to wide dissemination of contents. However, in the existing solutions, making cache-enabled routers or content providers authenticate users' requests causes high computation overhead and unnecessary delay. Also, straightforward utilization of advanced encryption algorithms increases the opportunities for DoS attacks. Besides, privacy protection and service accountability are rarely taken into account in this scenario. In this paper, we propose a secure, efficient, and accountable access control framework, called SEAF, for ICN, in which authentication is performed at the network edge to block unauthorized requests at the very beginning. We adopt group signature to achieve anonymous authentication, and use hash chain technique to greatly reduce the overhead when users make continuous requests for the same file. Furthermore, the content providers can affirm the service amount received from the network and extract feedback information from the signatures and hash chains. By formal security analysis and the comparison with related works, we show that SEAF achieves the expected security goals and possesses more useful features. The experimental results also demonstrate that our design is efficient for routers and content providers, and introduces only slight delay for users' content retrieval.

To preserve the privacy of social networks, most existing methods are applied to satisfy different anonymity models, but there are some serious problems such as huge large information losses and great structural modifications of original social network. Therefore, an improved privacy protection method called k-subgraph is proposed, which is based on k-degree anonymous graph derived from k-anonymity to keep the network structure stable. The method firstly divides network nodes into several clusters by label propagation algorithm, and then reconstructs the sub-graph by means of moving edges to achieve k-degree anonymity. Experimental results show that our k-subgraph method can not only effectively improve the defense capability against malicious attacks based on node degrees, but also maintain stability of network structure. In addition, the cost of information losses due to anonymity is minimized ideally.