Biblio

Autonomous vehicles increasingly exploit computer-vision-based object detection systems to perceive environments and make critical driving decisions. To increase the quality of images, image stabilizers with inertial sensors are added to alleviate image blurring caused by camera jitters. However, such a trend opens a new attack surface. This paper identifies a system-level vulnerability resulting from the combination of the emerging image stabilizer hardware susceptible to acoustic manipulation and the object detection algorithms subject to adversarial examples. By emitting deliberately designed acoustic signals, an adversary can control the output of an inertial sensor, which triggers unnecessary motion compensation and results in a blurred image, even if the camera is stable. The blurred images can then induce object misclassification affecting safety-critical decision making. We model the feasibility of such acoustic manipulation and design an attack framework that can accomplish three types of attacks, i.e., hiding, creating, and altering objects. Evaluation results demonstrate the effectiveness of our attacks against four academic object detectors (YOLO V3/V4/V5 and Fast R-CNN), and one commercial detector (Apollo). We further introduce the concept of AMpLe attacks, a new class of system-level security vulnerabilities resulting from a combination of adversarial machine learning and physics-based injection of information-carrying signals into hardware.

The goal of the edge computing framework is to solve the problem of management and control in the access of massive 5G terminals in the power Internet of things. Firstly, this paper analyzes the needs of IOT agent in 5G ubiquitous connection, equipment management and control, intelligent computing and other aspects. In order to meet with these needs, paper develops the functions and processes of the edge computing framework, including unified access of heterogeneous devices, protocol adaptation, edge computing, cloud edge collaboration, security control and so on. Finally, the performance of edge computing framework is verified by the pressure test of 5G wireless ubiquitous connection.

With rapid advancement of Smart Grid as well as Internet of Things (IoT), current power distribution communication network faces the challenges of satisfying the emerging data transmission requirements of ubiquitous secure coverage for distributed power services. This paper focuses on secure ubiquitous wireless communication solution for power distribution Internet of Things (PDİoT) in Smart Grid. Detailed secure ubiquitous wireless communication networking topology is presented, and integrated encryption and communication device is developed. The proposed solution supports several State Secret cryptographic algorithm including SM1/SM2/SM3/SM4 as well as forward and reverse isolation functions, thus achieving secure wireless communication for PDİoT services.

Edge computing supports the deployment of ubiquitous, smart services by providing computing and storage closer to terminal devices. However, ensuring the full security and privacy of computations performed at the edge is challenging due to resource limitation. This paper responds to this challenge and proposes an adaptive approach to defense randomization among the edge data centers via a stochastic game, whose solution corresponds to the optimal security deployment at the network's edge. Moreover, security risk is evaluated subjectively based on Prospect Theory to reflect realistic scenarios where the attacker and the edge system do not similarly perceive the status of the infrastructure. The results show that a non-deterministic defense policy yields better security compared to a static defense strategy.

In new technological world pervasive computing plays the important role in data computing and communication. The pervasive computing provides the mobile environment for decentralized computational services at anywhere, anytime at any context and location. Pervasive computing is flexible and makes portable devices and computing surrounded us as part of our daily life. Devices like Laptop, Smartphones, PDAs, and any other portable devices can constitute the pervasive environment. These devices in pervasive environments are worldwide and can receive various communications including audio visual services. The users and the system in this pervasive environment face the challenges of user trust, data privacy and user and device node identity. To give the feasible determination for these challenges. This paper aims to propose a dynamic learning in pervasive computing environment refer the challenges proposed efficient security model (ESM) for trustworthy and untrustworthy attackers. ESM model also compared with existing generic models; it also provides better accuracy rate than existing models.

After the emergence of the cloud architecture, many companies migrate their data from conventional storage i.e., on bare metal to the cloud storage. Since then huge amount of data was stored on cloud servers, which later resulted in redundancy of huge amount of data. Hence in this cloud world, many data de-duplication techniques has been widely used. Not only the redundancy but also made data more secure and privacy of the existing data were also increased. Some techniques got limitations and some have their own advantages based on the requirements. Some of the attributes like data privacy, tag regularity and interruption to brute-force attacks. To make data deduplication technique more efficient based on the requirements. This paper will discuss schemes that brace user-defined access control, by allowing the service provider to get information of the information owners. Thus our scheme eliminates redundancy of the data without breaching the privacy and security of clients that depends on service providers. Our lastest deduplication scheme after performing various algorithms resulted in conclusion and producing more efficient data confidentiality and tag consistency. This paper has discussion on various techniques and their drawbacks for the effectiveness of the deduplication.

Rapid development of cloud storage services, users are allowed to upload heavy storage and computational cost to cloud to reduce the local resource and energy consumption. While people enjoy the desirable benefits from the cloud storage service, critical security concerns in data outsourcing have been raised seriously. In the cloud storage service, data owner loses the physical control of the data and these data are fully controlled by the cloud server. As such, the integrity of outsourced data is being put at risk in reality. Remote data integrity checking (RDIC) is an effective solution to checking the integrity of uploaded data. However, most RDIC schemes are rely on traditional public key infrastructure (PKI), which leads communication and storage overhead due to the certificate management. Identity-based RDIC scheme is not need the storage management, but it has a drawback of key escrow. To solve these problems, we propose a practical certificateless RDIC scheme. Moreover, many public auditing schemes authorize the third party auditor (TPA) to check the integrity of remote data and the TPA is not fully trusted. Thus, we take the data privacy into account. The proposed scheme not only can overcome the above deficiencies but also able to preserve the data privacy against the TPA. Our theoretical analyses prove that our mechanism is correct and secure, and our mechanism is able to audit the integrity of cloud data efficiently.

In the era of machine learning, mobile users are able to submit their symptoms to doctors at any time, anywhere for personal diagnosis. It is prevalent to exploit edge computing for real-time diagnosis services in order to reduce transmission latency. Although data-driven machine learning is powerful, it inevitably compromises privacy by relying on vast amounts of medical data to build a diagnostic model. Therefore, it is necessary to protect data privacy without accessing local data. However, the blossom has also been accompanied by various problems, i.e., the limitation of training data, vulnerabilities, and privacy concern. As a solution to these above challenges, in this paper, we design a lightweight privacy-preserving medical diagnosis mechanism on edge. Our method redesigns the extreme gradient boosting (XGBoost) model based on the edge-cloud model, which adopts encrypted model parameters instead of local data to reduce amounts of ciphertext computation to plaintext computation, thus realizing lightweight privacy preservation on resource-limited edges. Additionally, the proposed scheme is able to provide a secure diagnosis on edge while maintaining privacy to ensure an accurate and timely diagnosis. The proposed system with secure computation could securely construct the XGBoost model with lightweight overhead, and efficiently provide a medical diagnosis without privacy leakage. Our security analysis and experimental evaluation indicate the security, effectiveness, and efficiency of the proposed system.

In recent days cloud domain gains a lot of user attention in order to store and access the data from remote locations connected through the internet. As it is generally known that all the sensitive data come from remote locations will be stored in the centralized storage medium and then try to access the data from that centralized storage space controlled by the cloud server. It is facing a problem like there is no security for the data in terms of user authorization and data authentication from the centralized storage location. Hence, it is required to migrate for a new storage procedure like Decentralized storage of cloud data in which the systems that do not rely on a central authority, so that the collusion resistance can be avoided by maintaining a global identifier. Here, the term de-centralized access means granting multi authorities to control the access for providing more security for the sensitive data. The proposed research study attempts to develop a new scheme by adding a global identifier like Attribute Authority (AA) for providing access keys for the data users who wish to access the sensitive information from the cloud server. The proposed research work attempts to incorporate the composite order bilinear groups scheme for providing access facility for the data users and provide more security for the sensitive data. By conducting various experiments on the proposed model, the obtained result clearly tells that the proposed system is very efficient to access the data in a de-centralized manner by using a global identifier.

In recent times, the use of cloud computing has gained popularity all over the world in the context of performing smart computations on big data. The privacy of sensitive data of the client is of utmost important issues. Data leakage or hijackers may theft significant information about the client that ultimately may affect the reputation and prestige of its owner (bank) and client (customers). In general, to save the privacy of our banking data it is preferred to store, process, and transmit the data in the form of encrypted text. But now the main concern leads to secure computation over encrypted text or another possible way to perform computation over clouds makes data more vulnerable to hacking and attacks. Existing classical encryption techniques such as RSA, AES, and others provide secure transaction procedures for data over clouds but these are not fit for secure computation over data in the clouds. In 2009, Gentry comes with a solution for such issues and presents his idea as Homomorphic encryption (HE) that can perform computation over encrypted text without decrypting the data itself. Now a day's privacy-enhancing techniques (PET) are there to explore more potential benefits in security issues and useful in historical cases of privacy failure. Differential privacy, Federated analysis, homomorphic encryption, zero-knowledge proof, and secure multiparty computation are a privacy-enhancing technique that may useful in financial services as these techniques provide a fully-fledged mechanism for financial institutes. With the collaboration of industries, these techniques are may enable new data-sharing agreements for a more secure solution over data. In this paper, the primary concern is to investigate the different standards and properties of homomorphic encryption in digital banking and financial institutions.

Cloud-based enterprise search services (e.g., AWS Kendra) have been entrancing big data owners by offering convenient and real-time search solutions to them. However, the problem is that individuals and organizations possessing confidential big data are hesitant to embrace such services due to valid data privacy concerns. In addition, to offer an intelligent search, these services access the user’s search history that further jeopardizes his/her privacy. To overcome the privacy problem, the main idea of this research is to separate the intelligence aspect of the search from its pattern matching aspect. According to this idea, the search intelligence is provided by an on-premises edge tier and the shared cloud tier only serves as an exhaustive pattern matching search utility. We propose Smartness at Edge (SAED mechanism that offers intelligence in the form of semantic and personalized search at the edge tier while maintaining privacy of the search on the cloud tier. At the edge tier, SAED uses a knowledge-based lexical database to expand the query and cover its semantics. SAED personalizes the search via an RNN model that can learn the user’s interest. A word embedding model is used to retrieve documents based on their semantic relevance to the search query. SAED is generic and can be plugged into existing enterprise search systems and enable them to offer intelligent and privacy-preserving search without enforcing any change on them. Evaluation results on two enterprise search systems under real settings and verified by human users demonstrate that SAED can improve the relevancy of the retrieved results by on average ≈24% for plain-text and ≈75% for encrypted generic datasets.

How to analyze users' data without compromising individual privacy is an important issue in cloud computing. In order to protect privacy and enable the cloud to perform computing, users can apply homomorphic encryption schemes to their data. Most of existing homomorphic encryption-based cloud computing methods require that users' data are encrypted with the same key. While in practice, different users may prefer to use different keys. In this paper, we propose a privacy-preserving cloud computing method which adopts a double-trapdoor homomorphic encryption scheme to deal with the multi-key issue. The proposed method uses two cloud servers to analyze users' encrypted data. And we propose to use blockchain to monitor the information exchanged between the servers. Security analysis shows that the introduction of blockchain can help to prevent the two servers from colluding with each other, hence data privacy is further enhanced. And we conduct simulations to demonstrate the feasibility of the propose method.

The cloud infrastructure is not new to the society from past one decade. But even in recent time, the companies started migrating from local services to cloud services for better connectivity and for other requirements, this is due to companies financial limitations on existing infrastructure, they are migrating to less cost and hire and fire support based cloud infrastructures. But the proposed cloud infrastructure require security on event logs accessed by different end users on the cloud environment. To adopt the security on local services to cloud service based infrastructure, it need better identify management between end users. Therefore this paper presents the related works of user identity as a service for each user involving in cloud service and the accessing permission and protection will be monitored and controlled by the cloud security infrastructures.

With the rapid development of cloud computing which has been extensively applied in the health research, the concept of medical cloud has become widespread. In this paper, we proposed an integrated medical cloud architecture with multiple applications based on privacy protection. The scheme in this paper adopted attribute encryption to ensure the PHR files encrypted all the time in order to protect the health privacy of the PHR owners not leaked. In addition, the medical cloud architecture proposed in this paper is suitable for multiple application scenarios. Different from the traditional domain division which has public domain (PUD) and private domain (PSD), the PUD domain is further divided into PUD1and PUD2 with finer granularity based on different permissions of the PHR users. In the PUD1, the PHR users have read or write access to the PHR files, while the PHR users in the PUD2 only have read permissions. In the PSD, we use key aggregation encryption (KAE) to realize the access control. For PHR users of PUD1 and PUD2, the outsourcable ABE technology is adopted to greatly reduce the computing burden of users. The results of function and performance test show that the scheme is safe and effective.

Cloud computing is one of the greatest and authoritative paradigms in computing as it provides access and use of various third-party services at a lower cost. However, there exist various security challenges facing cloud computing especially in the aspect of data privacy and this is more critical when dealing with sensitive personal or organization's data. Cloud service providers encrypt data during transfer from the local hard drive to the cloud server and at the server-side, the only problem is that the encryption key is stored by the service provider meaning they can decrypt your data. This paper discusses how cloud security can be enhanced by using client-side data encryption (pre-internet encryption), this will allow the clients to encrypt data before uploading to the cloud and store the key themselves. This means that data will be rendered to the cloud in an unreadable and secure format that cannot be accessed by unauthorized persons.

Underwater acoustic sensor networks (UASNs) have been receiving more and more attention due to their wide applications and the marine data collection is one of the important applications of UASNs. However, the openness and unreliability of underwater acoustic communication links and the easy capture of underwater wireless devices make UASNs vulnerable to various attacks. On the other hand, due to the limited resources of underwater acoustic network nodes, the high bit error rates, large and variable propagation delays, and low bandwidth of acoustic channels, many mature security mechanisms in terrestrial wireless sensor networks cannot be applied in the underwater environment [1]. In this paper, a secure communication protocol for marine data collection was proposed to ensure the confidentiality and data integrity of communication between under sensor nodes and the sink node in UASNs.

In recent years, the underwater sensor network has emerged as a promising solution for a wide range of marine applications. The underwater wireless sensors are usually designed to operate in open water, where eavesdropping can be a serious issue. Existing work either utilizes cryptography that is computationally intensive or requires expensive hardware. In this paper, we present a coordinated multi-point transmission based protocol to improve network security. The proposed protocol dynamically pairs sensors for coordinated communications to undermine the eavesdroppers’ capability. Our preliminary results indicate that the underwater sensor network security can be enhanced using the proposed method, especially in applications where cryptography or special hardware are not suitable.

Based on the success of terrestrial Internet of Things (IoT), research has started on Underwater IoT (UIoT). The UIoT describes global network of connected underwater things that interact with water environment and communicate with terrestrial network through the underwater communication technologies. For UIoT device, it is important to choose the channel before transmission. This paper deals with UIoT communication technologies and ontology based path selection mechanism for UIoT.

Underwater networks have the potential to allow previously unexplored applications as well as improve our ability to observe and forecast the ocean. Underwater acoustic sensor networks (UASNs) are often deployed in unprecedented and hostile waters and face many security threats. Applications based on UASNs such as coastal defense, pollution monitoring, assisted navigation to name a few, require secure communication. A new set of communication protocols and cooperative coordination algorithms have been proposed to enable collaborative monitoring tasks. However, such protocols overlook security as a key performance indicator. Spoofing, altering, or replaying routing information can affect the entire network, making UASN vulnerable to routing attacks such as selective forwarding, sinkhole attack, Sybil attack, acknowledgement spoofing and HELLO flood attack. The lack of security against such threats is startling if it is observed that security is indeed an important requirement in many emerging civilian and military applications. In this work, the sinkhole attack prevalent among UASNs is looked at and discuss mitigation approaches that can feasibly be implemented in UnetStack3.

Due to broadcast nature of acoustic signal, underwater acoustic sensor networks face security challenge. In the paper, we propose a physical layer security transmission scheme with cooperative jamming. The proposed scheme takes advantage of the long propagation delay of the underwater acoustic channel to interfere with eavesdropper without affecting the reception of intended users. The results of both simulation and field experiment show that the proposed mechanism can improve the secrecy capacity of the network and effectively jam eavesdropper.

The ongoing expansion of underwater Internet of Things techniques promote diverse categories of maritime intelligent systems, e.g., Underwater Acoustic Sensor Networks (UASNs), Underwater Wireless Networks (UWNs), especially multiple Autonomous Underwater Vehicle (AUV) based UWNs have produced many civil and military applications. To enhance the network management and scalability, in this paper, the technique of Software-Defined Networking (SDN) technique is introduced, leading to the paradigm of Software-Defined multi-AUV-based UWNs (SD-UWNs). With SD-UWNs, the network architecture is divided into three functional layers: data layer, control layer, and application layer, and the network administration is re-defined by a framework of software-defined beacon. To manage the network, a control model based on artificial potential field and network topology theory is constructed. On account of the efficient data sharing ability of SD-UWNs, a proactive alarming-enabled path planning scheme is proposed, wherein all potential categories of obstacle avoidance scenes are taken into account. Evaluation results indicate that the proposed SD-UWN is more efficient in scheduling the cooperative network function than the traditional approaches and can secure exact path planning.

Underwater wireless optical communications are studied through single photon detection, photon states modulation and quantum key encryption. These studies will promote the development of optical communication applications in underwater vehicles and underwater sensor networks.

We propose a method to let a source and a destination agree on a key that remains secret to a potential eavesdropper in an underwater acoustic network (UWAN). We generate the key from the propagation delay measured over a set of multihop routes: this harvests the randomness in the UWAN topology and turns the slow sound propagation in the water into an advantage for the key agreement protocol. Our scheme relies on a route discovery handshake. During this process, all intermediate relays accumulate message processing delays, so that both the source and the destination can compute the actual propagation delays along each route, and map this information to a string of bits. Finally, via a secret key agreement from the information-theoretic security framework, we obtain an equal set of bits at the source and destination, which is provably secret to a potential eavesdropper located away from both nodes. Our simulation results show that, even for small UWANs of 4 nodes, we obtain 11 secret bits per explored topology, and that the protocol is insensitive to an average node speed of up to 0.5 m/s.

To improve communication underwater, the underwater sensor networks (UWSN) provide gains for many different underwater applications, like Underwater Data-centers, Aquatic Monitoring, Tsunami Monitoring Systems, Aquatic Monitoring, Underwater Oil Field Discovery, Submarine Target Localization, Surveilling Water Territory of the Country via UWSN, Submarine Target Localization and many more. underwater applications are dependent on secure data communication in an underwater environment, so Data transmission in Underwater Sensor Network is a need of the future. Underwater data transmission itself is a big challenge due to various limitations of underwater communication mediums like lower bandwidth, multipath effect, path loss, propagation delay, noise, Doppler spread, and so on. These challenges make the underwater networks one of the most vulnerable networks for many different security attacks like sinkhole, spoofing, wormhole, misdirection, etc. It causes packets unable to be delivered to the destination, and even worse forward them to malicious nodes. A compromised node, which may be a router, intercepts packets going through it, and selectively drops them or can perform some malicious activity. This paper presents a solution to Mitigate unsecured data forwarding related attacks of an underwater sensor network, our solution uses a pre-shared key to secure communication and hashing algorithm to maintain the integrity of stored locations at head node and demonstration of attack and its mitigation done on Unetstack software.

Because the underwater acoustic communication network transmits data through the underwater acoustic wireless link, the Underwater Acoustic Communication Network is easy to suffer from the external artificial interference, in this paper, the detection algorithm of wormhole attack in Underwater Acoustic Communication Network based on Azimuth measurement technology is studied. The existence of wormhole attack is judged by Azimuth or distance outliers, and the security performance of underwater acoustic communication network is evaluated. The influence of different azimuth direction errors on the detection probability of wormhole attack is analyzed by simulation. The simulation results show that this method has a good detection effect for Underwater Acoustic Communication Network.