Pub Date : 2024-05-19DOI: 10.1016/j.hcc.2024.100240
Wenyue Wang , Biwei Yan , Baobao Chai , Ruiyao Shen , Anming Dong , Jiguo Yu
In the Internet of Things (IoT), a large number of devices are connected using a variety of communication technologies to ensure that they can communicate both physically and over the network. However, devices face the challenge of a single point of failure, a malicious user may forge device identity to gain access and jeopardize system security. In addition, devices collect and transmit sensitive data, and the data can be accessed or stolen by unauthorized user, leading to privacy breaches, which posed a significant risk to both the confidentiality of user information and the protection of device integrity. Therefore, in order to solve the above problems and realize the secure transmission of data, this paper proposed EBIAS, a secure and efficient blockchain-based identity authentication scheme designed for IoT devices. First, EBIAS combined the Elliptic Curve Cryptography (ECC) algorithm and the SHA-256 algorithm to achieve encrypted communication of the sensitive data. Second, EBIAS integrated blockchain to tackle the single point of failure and ensure the integrity of the sensitive data. Finally, we performed security analysis and conducted sufficient experiment. The analysis and experimental results demonstrate that EBIAS has certain improvements on security and performance compared with the previous schemes, which further proves the feasibility and effectiveness of EBIAS.
{"title":"EBIAS: ECC-enabled blockchain-based identity authentication scheme for IoT device","authors":"Wenyue Wang , Biwei Yan , Baobao Chai , Ruiyao Shen , Anming Dong , Jiguo Yu","doi":"10.1016/j.hcc.2024.100240","DOIUrl":"10.1016/j.hcc.2024.100240","url":null,"abstract":"<div><div>In the Internet of Things (IoT), a large number of devices are connected using a variety of communication technologies to ensure that they can communicate both physically and over the network. However, devices face the challenge of a single point of failure, a malicious user may forge device identity to gain access and jeopardize system security. In addition, devices collect and transmit sensitive data, and the data can be accessed or stolen by unauthorized user, leading to privacy breaches, which posed a significant risk to both the confidentiality of user information and the protection of device integrity. Therefore, in order to solve the above problems and realize the secure transmission of data, this paper proposed EBIAS, a secure and efficient blockchain-based identity authentication scheme designed for IoT devices. First, EBIAS combined the Elliptic Curve Cryptography (ECC) algorithm and the SHA-256 algorithm to achieve encrypted communication of the sensitive data. Second, EBIAS integrated blockchain to tackle the single point of failure and ensure the integrity of the sensitive data. Finally, we performed security analysis and conducted sufficient experiment. The analysis and experimental results demonstrate that EBIAS has certain improvements on security and performance compared with the previous schemes, which further proves the feasibility and effectiveness of EBIAS.</div></div>","PeriodicalId":100605,"journal":{"name":"High-Confidence Computing","volume":"5 1","pages":"Article 100240"},"PeriodicalIF":3.2,"publicationDate":"2024-05-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141131302","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-05-18DOI: 10.1016/j.hcc.2024.100241
In today’s information age, eavesdropping has been one of the most serious privacy threats in information security, such as exodus spyware (Rudie et al., 2021) and pegasus spyware (Anatolyevich, 2020). And the main one of them is acoustic eavesdropping. Acoustic eavesdropping (George and Sagayarajan, 2023) is a technology that uses microphones, sensors, or other devices to collect and process sound signals and convert them into readable information. Although much research has been done in this area, there is still a lack of comprehensive investigation into the timeliness of this technology, given the continuous advancement of technology and the rapid development of eavesdropping methods. In this article, we have given a selective overview of acoustic eavesdropping, focusing on the methods of acoustic eavesdropping. More specifically, we divide acoustic eavesdropping into three categories: motion sensor-based acoustic eavesdropping, optical sensor-based acoustic eavesdropping, and RF-based acoustic eavesdropping. Within these three representative frameworks, we review the results of acoustic eavesdropping according to the type of equipment they use and the physical principles of each. Secondly, we also introduce several important but challenging applications of these acoustic eavesdropping methods. In addition, we compared the systems that meet the requirements of acoustic eavesdropping in real-world scenarios from multiple perspectives, including whether they are non-intrusive, whether they can achieve unconstrained word eavesdropping, and whether they use machine learning, etc. The general template of our article is as follows: firstly, we systematically review and classify the existing eavesdropping technologies, elaborate on their working mechanisms, and give corresponding formulas. Then, these eavesdropping methods were compared and analyzed, and each method’s effectiveness and technical difficulty were evaluated from multiple dimensions. In addition to an assessment of the current state of the field, we discuss the current shortcomings and challenges and give a fruitful direction for the future of acoustic eavesdropping research. We hope to continue to inspire researchers in this direction.
{"title":"A survey of acoustic eavesdropping attacks: Principle, methods, and progress","authors":"","doi":"10.1016/j.hcc.2024.100241","DOIUrl":"10.1016/j.hcc.2024.100241","url":null,"abstract":"<div><div>In today’s information age, eavesdropping has been one of the most serious privacy threats in information security, such as exodus spyware (Rudie et al., 2021) and pegasus spyware (Anatolyevich, 2020). And the main one of them is acoustic eavesdropping. Acoustic eavesdropping (George and Sagayarajan, 2023) is a technology that uses microphones, sensors, or other devices to collect and process sound signals and convert them into readable information. Although much research has been done in this area, there is still a lack of comprehensive investigation into the timeliness of this technology, given the continuous advancement of technology and the rapid development of eavesdropping methods. In this article, we have given a selective overview of acoustic eavesdropping, focusing on the methods of acoustic eavesdropping. More specifically, we divide acoustic eavesdropping into three categories: motion sensor-based acoustic eavesdropping, optical sensor-based acoustic eavesdropping, and RF-based acoustic eavesdropping. Within these three representative frameworks, we review the results of acoustic eavesdropping according to the type of equipment they use and the physical principles of each. Secondly, we also introduce several important but challenging applications of these acoustic eavesdropping methods. In addition, we compared the systems that meet the requirements of acoustic eavesdropping in real-world scenarios from multiple perspectives, including whether they are non-intrusive, whether they can achieve unconstrained word eavesdropping, and whether they use machine learning, etc. The general template of our article is as follows: firstly, we systematically review and classify the existing eavesdropping technologies, elaborate on their working mechanisms, and give corresponding formulas. Then, these eavesdropping methods were compared and analyzed, and each method’s effectiveness and technical difficulty were evaluated from multiple dimensions. In addition to an assessment of the current state of the field, we discuss the current shortcomings and challenges and give a fruitful direction for the future of acoustic eavesdropping research. We hope to continue to inspire researchers in this direction.</div></div>","PeriodicalId":100605,"journal":{"name":"High-Confidence Computing","volume":"4 4","pages":"Article 100241"},"PeriodicalIF":3.2,"publicationDate":"2024-05-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141138505","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Federated Learning (FL) is currently a widely used collaborative learning framework, and the distinguished feature of FL is that the clients involved in training do not need to share raw data, but only transfer the model parameters to share knowledge, and finally get a global model with improved performance. However, recent studies have found that sharing model parameters may still lead to privacy leakage. From the shared model parameters, local training data can be reconstructed and thus lead to a threat to individual privacy and security. We observed that most of the current attacks are aimed at client-specific data reconstruction, while limited attention is paid to the information leakage of the global model. In our work, we propose a novel FL attack based on shared model parameters that can deduce the data distribution of the global model. Different from other FL attacks that aim to infer individual clients’ raw data, the data distribution inference attack proposed in this work shows that the attackers can have the capability to deduce the data distribution information behind the global model. We argue that such information is valuable since the training data behind a well-trained global model indicates the common knowledge of a specific task, such as social networks and e-commerce applications. To implement such an attack, our key idea is to adopt a deep reinforcement learning approach to guide the attack process, where the RL agent adjusts the pseudo-data distribution automatically until it is similar to the ground truth data distribution. By a carefully designed Markov decision proces (MDP) process, our implementation ensures our attack can have stable performance and experimental results verify the effectiveness of our proposed inference attack.
{"title":"Data distribution inference attack in federated learning via reinforcement learning support","authors":"Dongxiao Yu , Hengming Zhang , Yan Huang , Zhenzhen Xie","doi":"10.1016/j.hcc.2024.100235","DOIUrl":"10.1016/j.hcc.2024.100235","url":null,"abstract":"<div><div>Federated Learning (FL) is currently a widely used collaborative learning framework, and the distinguished feature of FL is that the clients involved in training do not need to share raw data, but only transfer the model parameters to share knowledge, and finally get a global model with improved performance. However, recent studies have found that sharing model parameters may still lead to privacy leakage. From the shared model parameters, local training data can be reconstructed and thus lead to a threat to individual privacy and security. We observed that most of the current attacks are aimed at client-specific data reconstruction, while limited attention is paid to the information leakage of the global model. In our work, we propose a novel FL attack based on shared model parameters that can deduce the data distribution of the global model. Different from other FL attacks that aim to infer individual clients’ raw data, the data distribution inference attack proposed in this work shows that the attackers can have the capability to deduce the data distribution information behind the global model. We argue that such information is valuable since the training data behind a well-trained global model indicates the common knowledge of a specific task, such as social networks and e-commerce applications. To implement such an attack, our key idea is to adopt a deep reinforcement learning approach to guide the attack process, where the RL agent adjusts the pseudo-data distribution automatically until it is similar to the ground truth data distribution. By a carefully designed Markov decision proces (MDP) process, our implementation ensures our attack can have stable performance and experimental results verify the effectiveness of our proposed inference attack.</div></div>","PeriodicalId":100605,"journal":{"name":"High-Confidence Computing","volume":"5 1","pages":"Article 100235"},"PeriodicalIF":3.2,"publicationDate":"2024-05-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141036150","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-05-16DOI: 10.1016/j.hcc.2024.100234
Rehma Razzak , Yi (Joy) Li , Jing (Selena) He , Sungchul Jung , Chao Mei , Yan Huang
Attention deficit disorder is a frequently observed symptom in individuals with autism spectrum disorder (ASD). This condition can present significant obstacles for those affected, manifesting in challenges such as sustained focus, task completion, and the management of distractions. These issues can impede learning, social interactions, and daily functioning. This complexity of symptoms underscores the need for tailored approaches in both educational and therapeutic settings to support individuals with ASD effectively. In this study, we have expanded upon our initial virtual reality (VR) prototype, originally created for attention therapy, to conduct a detailed statistical analysis. Our objective was to precisely identify and measure any significant differences in attention-related outcomes between sessions and groups. Our study found that heart rate (HR) and electrodermal activity (EDA) were more responsive to attention shifts than temperature. The ‘Noise’ and ‘Score’ strategies significantly affected eye openness, with the ASD group showing more responsiveness. The control group had smaller pupil sizes, and the ASD group’s pupil size increased notably when switching strategies in Session 1. Distraction log data showed that both ‘Noise’ and ‘Object Opacity’ strategies influenced attention patterns, with the ‘Red Vignette’ strategy showing a significant effect only in the ASD group. The responsiveness of HR and EDA to attention shifts and the changes in pupil size could serve as valuable physiological markers to monitor and guide these interventions. These findings further support evidence that VR has positive implications for helping those with ASD, allowing for more tailored personalized interventions with meaningful impact.
{"title":"Using virtual reality to enhance attention for autistic spectrum disorder with eye tracking","authors":"Rehma Razzak , Yi (Joy) Li , Jing (Selena) He , Sungchul Jung , Chao Mei , Yan Huang","doi":"10.1016/j.hcc.2024.100234","DOIUrl":"10.1016/j.hcc.2024.100234","url":null,"abstract":"<div><div>Attention deficit disorder is a frequently observed symptom in individuals with autism spectrum disorder (ASD). This condition can present significant obstacles for those affected, manifesting in challenges such as sustained focus, task completion, and the management of distractions. These issues can impede learning, social interactions, and daily functioning. This complexity of symptoms underscores the need for tailored approaches in both educational and therapeutic settings to support individuals with ASD effectively. In this study, we have expanded upon our initial virtual reality (VR) prototype, originally created for attention therapy, to conduct a detailed statistical analysis. Our objective was to precisely identify and measure any significant differences in attention-related outcomes between sessions and groups. Our study found that heart rate (HR) and electrodermal activity (EDA) were more responsive to attention shifts than temperature. The ‘Noise’ and ‘Score’ strategies significantly affected eye openness, with the ASD group showing more responsiveness. The control group had smaller pupil sizes, and the ASD group’s pupil size increased notably when switching strategies in Session 1. Distraction log data showed that both ‘Noise’ and ‘Object Opacity’ strategies influenced attention patterns, with the ‘Red Vignette’ strategy showing a significant effect only in the ASD group. The responsiveness of HR and EDA to attention shifts and the changes in pupil size could serve as valuable physiological markers to monitor and guide these interventions. These findings further support evidence that VR has positive implications for helping those with ASD, allowing for more tailored personalized interventions with meaningful impact.</div></div>","PeriodicalId":100605,"journal":{"name":"High-Confidence Computing","volume":"5 1","pages":"Article 100234"},"PeriodicalIF":3.2,"publicationDate":"2024-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141026488","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-05-10DOI: 10.1016/j.hcc.2024.100227
The growing prevalence of AI services on cloud platforms is driving the demand for technologies and tools which enable the integration of multiple AI services to handle intricate tasks. Traditional methods of evaluating intelligent systems focus mainly on the performance of AI components, without providing comprehensive metrics for the system as a whole. Additionally, as these AI components are often sourced from third-party providers, users may face challenges due to inconsistent quality assurance and limitations in further developing AI models, and dealing with third-party service providers’ limitations. These limitations often involve quality assurance and a lack of capability for secondary development and training of services. To address these issues, we have developed a tool based on our previous work. It can autonomously build Intelligent systems from AI services while tackling the issues mentioned above. This tool not only creates service composition solutions that align with user-defined functional requirements and performance metrics but also executes these solutions to verify if the metrics meet user requirements. We have demonstrated the effectiveness of this tool in constructing trustworthy intelligent systems through a series of case studies.
{"title":"AIDCT: An AI service development and composition tool for constructing trustworthy intelligent systems","authors":"","doi":"10.1016/j.hcc.2024.100227","DOIUrl":"10.1016/j.hcc.2024.100227","url":null,"abstract":"<div><div>The growing prevalence of AI services on cloud platforms is driving the demand for technologies and tools which enable the integration of multiple AI services to handle intricate tasks. Traditional methods of evaluating intelligent systems focus mainly on the performance of AI components, without providing comprehensive metrics for the system as a whole. Additionally, as these AI components are often sourced from third-party providers, users may face challenges due to inconsistent quality assurance and limitations in further developing AI models, and dealing with third-party service providers’ limitations. These limitations often involve quality assurance and a lack of capability for secondary development and training of services. To address these issues, we have developed a tool based on our previous work. It can autonomously build Intelligent systems from AI services while tackling the issues mentioned above. This tool not only creates service composition solutions that align with user-defined functional requirements and performance metrics but also executes these solutions to verify if the metrics meet user requirements. We have demonstrated the effectiveness of this tool in constructing trustworthy intelligent systems through a series of case studies.</div></div>","PeriodicalId":100605,"journal":{"name":"High-Confidence Computing","volume":"4 4","pages":"Article 100227"},"PeriodicalIF":3.2,"publicationDate":"2024-05-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141028150","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-04-24DOI: 10.1016/j.hcc.2024.100233
Energy systems are currently undergoing a transformation towards new paradigms characterized by decarbonization, decentralization, democratization, and digitalization. In this evolving context, energy blockchain, aiming to enhance efficiency, transparency, and security, emerges as an integrated technological solution designed to address the diverse challenges in this field. Data security is essential for the reliable and efficient functioning of energy blockchain. The pressing need to address challenges related to secure data storage, effective data management, and efficient data utilization is increasingly vital. This paper offers a comprehensive survey of academic discourse on energy blockchain data security over the past five years, adopting an all-encompassing perspective that spans data storage, management, and utilization. Our work systematically evaluates and contrasts the strengths and weaknesses of various research methodologies. Additionally, this paper proposes an integrated hierarchical on-chain and off-chain security energy blockchain architecture, specifically designed to meet the complex security requirements of multi-blockchain business environments. Concludingly, this paper identifies key directions for future research, particularly in advancing the integration of storage, management, and utilization of energy blockchain data security.
{"title":"Review of data security within energy blockchain: A comprehensive analysis of storage, management, and utilization","authors":"","doi":"10.1016/j.hcc.2024.100233","DOIUrl":"10.1016/j.hcc.2024.100233","url":null,"abstract":"<div><p>Energy systems are currently undergoing a transformation towards new paradigms characterized by decarbonization, decentralization, democratization, and digitalization. In this evolving context, energy blockchain, aiming to enhance efficiency, transparency, and security, emerges as an integrated technological solution designed to address the diverse challenges in this field. Data security is essential for the reliable and efficient functioning of energy blockchain. The pressing need to address challenges related to secure data storage, effective data management, and efficient data utilization is increasingly vital. This paper offers a comprehensive survey of academic discourse on energy blockchain data security over the past five years, adopting an all-encompassing perspective that spans data storage, management, and utilization. Our work systematically evaluates and contrasts the strengths and weaknesses of various research methodologies. Additionally, this paper proposes an integrated hierarchical on-chain and off-chain security energy blockchain architecture, specifically designed to meet the complex security requirements of multi-blockchain business environments. Concludingly, this paper identifies key directions for future research, particularly in advancing the integration of storage, management, and utilization of energy blockchain data security.</p></div>","PeriodicalId":100605,"journal":{"name":"High-Confidence Computing","volume":"4 3","pages":"Article 100233"},"PeriodicalIF":3.2,"publicationDate":"2024-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2667295224000369/pdfft?md5=f7e2a4d584d6483c6ca6513239cb3557&pid=1-s2.0-S2667295224000369-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140771830","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-04-22DOI: 10.1016/j.hcc.2024.100232
Jiejun Hu-Bolz , Martin Reed , Kai Zhang , Zelei Liu , Juncheng Hu
With the increasing global mobile data traffic and daily user engagement, technologies, such as mobile crowdsensing, benefit hugely from the constant data flows from smartphone and IoT owners. However, the device users, as data owners, urgently require a secure and fair marketplace to negotiate with the data consumers. In this paper, we introduce a novel federated data acquisition market that consists of a group of local data aggregators (LDAs); a number of data owners; and, one data union to coordinate the data trade with the data consumers. Data consumers offer each data owner an individual price to stimulate participation. The mobile data owners naturally cooperate to gossip about individual prices with each other, which also leads to price fluctuation. It is challenging to analyse the interactions among the data owners and the data consumers using traditional game theory due to the complex price dynamics in a large-scale heterogeneous data acquisition scenario. Hence, we propose a data pricing strategy based on mean-field game (MFG) theory to model the data owners’ cost considering the price dynamics. We then investigate the interactions among the LDAs by using the distribution of price, namely the mean-field term. A numerical method is used to solve the proposed pricing strategy. The evaluations demonstrate that the proposed pricing strategy efficiently allows the data owners from multiple LDAs to reach an equilibrium on data quantity to sell regarding the current individual price scheme. The result further demonstrates that the influential LDAs determine the final price distribution. Last but not least, it shows that cooperation among mobile data owners leads to optimal social welfare even with the additional cost of information exchange.
{"title":"Federated data acquisition market: Architecture and a mean-field based data pricing strategy","authors":"Jiejun Hu-Bolz , Martin Reed , Kai Zhang , Zelei Liu , Juncheng Hu","doi":"10.1016/j.hcc.2024.100232","DOIUrl":"10.1016/j.hcc.2024.100232","url":null,"abstract":"<div><div>With the increasing global mobile data traffic and daily user engagement, technologies, such as mobile crowdsensing, benefit hugely from the constant data flows from smartphone and IoT owners. However, the device users, as data owners, urgently require a secure and fair marketplace to negotiate with the data consumers. In this paper, we introduce a novel federated data acquisition market that consists of a group of local data aggregators (LDAs); a number of data owners; and, one data union to coordinate the data trade with the data consumers. Data consumers offer each data owner an individual price to stimulate participation. The mobile data owners naturally cooperate to gossip about individual prices with each other, which also leads to price fluctuation. It is challenging to analyse the interactions among the data owners and the data consumers using traditional game theory due to the complex price dynamics in a large-scale heterogeneous data acquisition scenario. Hence, we propose a data pricing strategy based on mean-field game (MFG) theory to model the data owners’ cost considering the price dynamics. We then investigate the interactions among the LDAs by using the distribution of price, namely the mean-field term. A numerical method is used to solve the proposed pricing strategy. The evaluations demonstrate that the proposed pricing strategy efficiently allows the data owners from multiple LDAs to reach an equilibrium on data quantity to sell regarding the current individual price scheme. The result further demonstrates that the influential LDAs determine the final price distribution. Last but not least, it shows that cooperation among mobile data owners leads to optimal social welfare even with the additional cost of information exchange.</div></div>","PeriodicalId":100605,"journal":{"name":"High-Confidence Computing","volume":"5 1","pages":"Article 100232"},"PeriodicalIF":3.2,"publicationDate":"2024-04-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140768406","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-04-16DOI: 10.1016/j.hcc.2024.100230
Duaa Alqattan , Varun Ojha , Fawzy Habib , Ayman Noor , Graham Morgan , Rajiv Ranjan
The Internet of Things (IoT) has led to rapid growth in smart cities. However, IoT botnet-based attacks against smart city systems are becoming more prevalent. Detection methods for IoT botnet-based attacks have been the subject of extensive research, but the identification of early-stage behaviour of the IoT botnet prior to any attack remains a largely unexplored area that could prevent any attack before it is launched. Few studies have addressed the early stages of IoT botnet detection using monolithic deep learning algorithms that could require more time for training and detection. We, however, propose an edge-based deep learning system for the detection of the early stages of IoT botnets in smart cities. The proposed system, which we call EDIT (Edge-based Detection of early-stage IoT Botnet), aims to detect abnormalities in network communication traffic caused by early-stage IoT botnets based on the modular neural network (MNN) method at multi-access edge computing (MEC) servers. MNN can improve detection accuracy and efficiency by leveraging parallel computing on MEC. According to the findings, EDIT has a lower false-negative rate compared to a monolithic approach and other studies. At the MEC server, EDIT takes as little as 16 ms for the detection of an IoT botnet.
{"title":"Modular neural network for edge-based detection of early-stage IoT botnet","authors":"Duaa Alqattan , Varun Ojha , Fawzy Habib , Ayman Noor , Graham Morgan , Rajiv Ranjan","doi":"10.1016/j.hcc.2024.100230","DOIUrl":"10.1016/j.hcc.2024.100230","url":null,"abstract":"<div><div>The Internet of Things (IoT) has led to rapid growth in smart cities. However, IoT botnet-based attacks against smart city systems are becoming more prevalent. Detection methods for IoT botnet-based attacks have been the subject of extensive research, but the identification of early-stage behaviour of the IoT botnet prior to any attack remains a largely unexplored area that could prevent any attack before it is launched. Few studies have addressed the early stages of IoT botnet detection using monolithic deep learning algorithms that could require more time for training and detection. We, however, propose an edge-based deep learning system for the detection of the early stages of IoT botnets in smart cities. The proposed system, which we call EDIT (<u>E</u>dge-based <u>D</u>etection of early-stage <u>I</u>oT Botne<u>t</u>), aims to detect abnormalities in network communication traffic caused by early-stage IoT botnets based on the modular neural network (MNN) method at multi-access edge computing (MEC) servers. MNN can improve detection accuracy and efficiency by leveraging parallel computing on MEC. According to the findings, EDIT has a lower false-negative rate compared to a monolithic approach and other studies. At the MEC server, EDIT takes as little as 16 ms for the detection of an IoT botnet.</div></div>","PeriodicalId":100605,"journal":{"name":"High-Confidence Computing","volume":"5 1","pages":"Article 100230"},"PeriodicalIF":3.2,"publicationDate":"2024-04-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140778543","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-04-16DOI: 10.1016/j.hcc.2024.100228
By analyzing data gathered through Online Learning (OL) systems, data mining can be used to unearth hidden relationships between topics and trends in student performance. Here, in this paper, we show how data mining techniques such as clustering and association rule algorithms can be used on historical data to develop a unique recommendation system module. In our implementation, we utilize historical data to generate association rules specifically for student test marks below a threshold of 60%. By focusing on marks below this threshold, we aim to identify and establish associations based on the patterns of weakness observed in the past data. Additionally, we leverage K-means clustering to provide instructors with visual representations of the generated associations. This strategy aids instructors in better comprehending the information and associations produced by the algorithms. K-means clustering helps visualize and organize the data in a way that makes it easier for instructors to analyze and gain insights, enabling them to support the verification of the relationship between topics. This can be a useful tool to deliver better feedback to students as well as provide better insights to instructors when developing their pedagogy. This paper further shows a prototype implementation of the above-mentioned concepts to gain opinions and insights about the usability and viability of the proposed system.
通过分析在线学习(OL)系统收集到的数据,数据挖掘可以用来发现主题之间隐藏的关系和学生成绩的趋势。在本文中,我们展示了如何将聚类和关联规则算法等数据挖掘技术用于历史数据,以开发独特的推荐系统模块。在我们的实施过程中,我们利用历史数据生成关联规则,专门针对低于 60% 临界值的学生考试分数。通过关注低于这一阈值的分数,我们旨在根据过去数据中观察到的薄弱环节模式来识别和建立关联。此外,我们还利用 K 均值聚类为教师提供生成关联的可视化表示。这一策略有助于教师更好地理解算法生成的信息和关联。K-means 聚类有助于以可视化的方式组织数据,使教师更容易分析和洞察,从而为验证主题之间的关系提供支持。这可以成为一个有用的工具,为学生提供更好的反馈,并为教师在制定教学法时提供更好的见解。本文进一步展示了上述概念的原型实现,以获得有关拟议系统可用性和可行性的意见和见解。
{"title":"Unsupervised machine learning approach for tailoring educational content to individual student weaknesses","authors":"","doi":"10.1016/j.hcc.2024.100228","DOIUrl":"10.1016/j.hcc.2024.100228","url":null,"abstract":"<div><div>By analyzing data gathered through Online Learning (OL) systems, data mining can be used to unearth hidden relationships between topics and trends in student performance. Here, in this paper, we show how data mining techniques such as clustering and association rule algorithms can be used on historical data to develop a unique recommendation system module. In our implementation, we utilize historical data to generate association rules specifically for student test marks below a threshold of 60%. By focusing on marks below this threshold, we aim to identify and establish associations based on the patterns of weakness observed in the past data. Additionally, we leverage K-means clustering to provide instructors with visual representations of the generated associations. This strategy aids instructors in better comprehending the information and associations produced by the algorithms. K-means clustering helps visualize and organize the data in a way that makes it easier for instructors to analyze and gain insights, enabling them to support the verification of the relationship between topics. This can be a useful tool to deliver better feedback to students as well as provide better insights to instructors when developing their pedagogy. This paper further shows a prototype implementation of the above-mentioned concepts to gain opinions and insights about the usability and viability of the proposed system.</div></div>","PeriodicalId":100605,"journal":{"name":"High-Confidence Computing","volume":"4 4","pages":"Article 100228"},"PeriodicalIF":3.2,"publicationDate":"2024-04-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140782041","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-04-15DOI: 10.1016/j.hcc.2024.100226
With the increasingly pervasive deployment of fog servers, fog computing extends data processing and analysis to network edges. At the same time, as the next-generation power grid, the smart grid should meet the requirements of security, efficiency, and real-time monitoring of user energy consumption. By utilizing the low-latency and distributed properties of fog computing, it can improve communication efficiency and user service satisfaction in smart grids. For the sake of providing adequate functionality for the power grid, various schemes have been proposed. Whereas, many methods are vulnerable to privacy leakage since the existence of trusted authority may increase the exposure to threats. In this paper, we propose the EPri-MDAS: an Efficient Privacy-preserving Multiple Data Aggregation Scheme without trusted authority based on the ElGamal homomorphic cryptosystem, which achieves both data integrity verification and data source authentication with the most efficient block cipher-based authenticated encryption algorithm. It performs well in energy efficiency with strong security. Especially, the proposed multidimensional aggregation statistics scheme can perform the fine-grained data analyses; it also allows for fault tolerance while protecting personal privacy. The security analysis and simulation experiments show that EPri-MDAS can satisfy the security requirements and work efficiently in the smart grid.
{"title":"EPri-MDAS: An efficient privacy-preserving multiple data aggregation scheme without trusted authority for fog-based smart grid","authors":"","doi":"10.1016/j.hcc.2024.100226","DOIUrl":"10.1016/j.hcc.2024.100226","url":null,"abstract":"<div><div>With the increasingly pervasive deployment of fog servers, fog computing extends data processing and analysis to network edges. At the same time, as the next-generation power grid, the smart grid should meet the requirements of security, efficiency, and real-time monitoring of user energy consumption. By utilizing the low-latency and distributed properties of fog computing, it can improve communication efficiency and user service satisfaction in smart grids. For the sake of providing adequate functionality for the power grid, various schemes have been proposed. Whereas, many methods are vulnerable to privacy leakage since the existence of trusted authority may increase the exposure to threats. In this paper, we propose the EPri-MDAS: an <em>E</em>fficient <em>Pri</em>vacy-preserving <em>M</em>ultiple <em>D</em>ata <em>A</em>ggregation <em>S</em>cheme without trusted authority based on the ElGamal homomorphic cryptosystem, which achieves both data integrity verification and data source authentication with the most efficient block cipher-based authenticated encryption algorithm. It performs well in energy efficiency with strong security. Especially, the proposed multidimensional aggregation statistics scheme can perform the fine-grained data analyses; it also allows for fault tolerance while protecting personal privacy. The security analysis and simulation experiments show that EPri-MDAS can satisfy the security requirements and work efficiently in the smart grid.</div></div>","PeriodicalId":100605,"journal":{"name":"High-Confidence Computing","volume":"4 4","pages":"Article 100226"},"PeriodicalIF":3.2,"publicationDate":"2024-04-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140782430","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
扫码关注我们
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号