High-Confidence Computing最新文献_第7页

Data distribution inference attack in federated learning via reinforcement learning support 通过强化学习支持联合学习中的数据分布推理攻击

IF 3.2 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

High-Confidence Computing

Pub Date : 2024-05-17 DOI: 10.1016/j.hcc.2024.100235

Dongxiao Yu , Hengming Zhang , Yan Huang , Zhenzhen Xie

Federated Learning (FL) is currently a widely used collaborative learning framework, and the distinguished feature of FL is that the clients involved in training do not need to share raw data, but only transfer the model parameters to share knowledge, and finally get a global model with improved performance. However, recent studies have found that sharing model parameters may still lead to privacy leakage. From the shared model parameters, local training data can be reconstructed and thus lead to a threat to individual privacy and security. We observed that most of the current attacks are aimed at client-specific data reconstruction, while limited attention is paid to the information leakage of the global model. In our work, we propose a novel FL attack based on shared model parameters that can deduce the data distribution of the global model. Different from other FL attacks that aim to infer individual clients’ raw data, the data distribution inference attack proposed in this work shows that the attackers can have the capability to deduce the data distribution information behind the global model. We argue that such information is valuable since the training data behind a well-trained global model indicates the common knowledge of a specific task, such as social networks and e-commerce applications. To implement such an attack, our key idea is to adopt a deep reinforcement learning approach to guide the attack process, where the RL agent adjusts the pseudo-data distribution automatically until it is similar to the ground truth data distribution. By a carefully designed Markov decision proces (MDP) process, our implementation ensures our attack can have stable performance and experimental results verify the effectiveness of our proposed inference attack.

联邦学习（Federated Learning， FL）是目前应用比较广泛的一种协作学习框架，其显著的特点是参与训练的客户端不需要共享原始数据，只需要通过传递模型参数来共享知识，最终得到一个性能提高的全局模型。然而，最近的研究发现，共享模型参数仍然可能导致隐私泄露。利用共享的模型参数，可以重构局部训练数据，从而对个人隐私和安全构成威胁。我们观察到，目前大多数攻击都是针对特定客户端的数据重构，而对全局模型的信息泄露关注有限。在我们的工作中，我们提出了一种新的基于共享模型参数的FL攻击，可以推断出全局模型的数据分布。与其他旨在推断单个客户端原始数据的FL攻击不同，本文提出的数据分布推断攻击表明攻击者可以推断出全局模型背后的数据分布信息。我们认为这些信息是有价值的，因为训练有素的全局模型背后的训练数据表明了特定任务的共同知识，例如社交网络和电子商务应用程序。为了实现这样的攻击，我们的关键思想是采用深度强化学习方法来指导攻击过程，其中RL代理自动调整伪数据分布，直到它与地面真实数据分布相似。通过精心设计的马尔可夫决策过程（MDP），我们的实现确保了我们的攻击具有稳定的性能，实验结果验证了我们提出的推理攻击的有效性。

{"title":"Data distribution inference attack in federated learning via reinforcement learning support","authors":"Dongxiao Yu , Hengming Zhang , Yan Huang , Zhenzhen Xie","doi":"10.1016/j.hcc.2024.100235","DOIUrl":"10.1016/j.hcc.2024.100235","url":null,"abstract":"<div><div>Federated Learning (FL) is currently a widely used collaborative learning framework, and the distinguished feature of FL is that the clients involved in training do not need to share raw data, but only transfer the model parameters to share knowledge, and finally get a global model with improved performance. However, recent studies have found that sharing model parameters may still lead to privacy leakage. From the shared model parameters, local training data can be reconstructed and thus lead to a threat to individual privacy and security. We observed that most of the current attacks are aimed at client-specific data reconstruction, while limited attention is paid to the information leakage of the global model. In our work, we propose a novel FL attack based on shared model parameters that can deduce the data distribution of the global model. Different from other FL attacks that aim to infer individual clients’ raw data, the data distribution inference attack proposed in this work shows that the attackers can have the capability to deduce the data distribution information behind the global model. We argue that such information is valuable since the training data behind a well-trained global model indicates the common knowledge of a specific task, such as social networks and e-commerce applications. To implement such an attack, our key idea is to adopt a deep reinforcement learning approach to guide the attack process, where the RL agent adjusts the pseudo-data distribution automatically until it is similar to the ground truth data distribution. By a carefully designed Markov decision proces (MDP) process, our implementation ensures our attack can have stable performance and experimental results verify the effectiveness of our proposed inference attack.</div></div>","PeriodicalId":100605,"journal":{"name":"High-Confidence Computing","volume":"5 1","pages":"Article 100235"},"PeriodicalIF":3.2,"publicationDate":"2024-05-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141036150","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Using virtual reality to enhance attention for autistic spectrum disorder with eye tracking 利用虚拟现实技术，通过眼动追踪提高自闭症谱系障碍患者的注意力

IF 3.2 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

High-Confidence Computing

Pub Date : 2024-05-16 DOI: 10.1016/j.hcc.2024.100234

Rehma Razzak , Yi (Joy) Li , Jing (Selena) He , Sungchul Jung , Chao Mei , Yan Huang

Attention deficit disorder is a frequently observed symptom in individuals with autism spectrum disorder (ASD). This condition can present significant obstacles for those affected, manifesting in challenges such as sustained focus, task completion, and the management of distractions. These issues can impede learning, social interactions, and daily functioning. This complexity of symptoms underscores the need for tailored approaches in both educational and therapeutic settings to support individuals with ASD effectively. In this study, we have expanded upon our initial virtual reality (VR) prototype, originally created for attention therapy, to conduct a detailed statistical analysis. Our objective was to precisely identify and measure any significant differences in attention-related outcomes between sessions and groups. Our study found that heart rate (HR) and electrodermal activity (EDA) were more responsive to attention shifts than temperature. The ‘Noise’ and ‘Score’ strategies significantly affected eye openness, with the ASD group showing more responsiveness. The control group had smaller pupil sizes, and the ASD group’s pupil size increased notably when switching strategies in Session 1. Distraction log data showed that both ‘Noise’ and ‘Object Opacity’ strategies influenced attention patterns, with the ‘Red Vignette’ strategy showing a significant effect only in the ASD group. The responsiveness of HR and EDA to attention shifts and the changes in pupil size could serve as valuable physiological markers to monitor and guide these interventions. These findings further support evidence that VR has positive implications for helping those with ASD, allowing for more tailored personalized interventions with meaningful impact.

注意缺陷障碍是自闭症谱系障碍（ASD）患者经常观察到的症状。这种情况会给那些受影响的人带来很大的障碍，表现在持续集中注意力、完成任务和管理分心等挑战上。这些问题会阻碍学习、社会交往和日常功能。这种症状的复杂性强调了在教育和治疗环境中需要量身定制的方法来有效地支持自闭症患者。在这项研究中，我们扩展了最初为注意力治疗而创建的虚拟现实（VR）原型，进行了详细的统计分析。我们的目标是精确地识别和测量不同阶段和不同组之间注意力相关结果的任何显著差异。我们的研究发现，心率（HR）和皮肤电活动（EDA）对注意力转移的反应比温度更敏感。“噪音”和“得分”策略显著影响了眼睛的开放性，ASD组表现出更多的反应。对照组的瞳孔尺寸较小，ASD组的瞳孔尺寸在第1阶段转换策略时显著增加。分心日志数据显示，“噪音”和“不透明对象”策略都影响注意力模式，“红色小场景”策略仅在ASD组中显示出显著效果。HR和EDA对注意力转移和瞳孔大小变化的反应性可以作为监测和指导这些干预措施的有价值的生理指标。这些发现进一步支持了VR对帮助ASD患者具有积极意义的证据，允许更有针对性的个性化干预措施产生有意义的影响。

{"title":"Using virtual reality to enhance attention for autistic spectrum disorder with eye tracking","authors":"Rehma Razzak , Yi (Joy) Li , Jing (Selena) He , Sungchul Jung , Chao Mei , Yan Huang","doi":"10.1016/j.hcc.2024.100234","DOIUrl":"10.1016/j.hcc.2024.100234","url":null,"abstract":"<div><div>Attention deficit disorder is a frequently observed symptom in individuals with autism spectrum disorder (ASD). This condition can present significant obstacles for those affected, manifesting in challenges such as sustained focus, task completion, and the management of distractions. These issues can impede learning, social interactions, and daily functioning. This complexity of symptoms underscores the need for tailored approaches in both educational and therapeutic settings to support individuals with ASD effectively. In this study, we have expanded upon our initial virtual reality (VR) prototype, originally created for attention therapy, to conduct a detailed statistical analysis. Our objective was to precisely identify and measure any significant differences in attention-related outcomes between sessions and groups. Our study found that heart rate (HR) and electrodermal activity (EDA) were more responsive to attention shifts than temperature. The ‘Noise’ and ‘Score’ strategies significantly affected eye openness, with the ASD group showing more responsiveness. The control group had smaller pupil sizes, and the ASD group’s pupil size increased notably when switching strategies in Session 1. Distraction log data showed that both ‘Noise’ and ‘Object Opacity’ strategies influenced attention patterns, with the ‘Red Vignette’ strategy showing a significant effect only in the ASD group. The responsiveness of HR and EDA to attention shifts and the changes in pupil size could serve as valuable physiological markers to monitor and guide these interventions. These findings further support evidence that VR has positive implications for helping those with ASD, allowing for more tailored personalized interventions with meaningful impact.</div></div>","PeriodicalId":100605,"journal":{"name":"High-Confidence Computing","volume":"5 1","pages":"Article 100234"},"PeriodicalIF":3.2,"publicationDate":"2024-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141026488","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

AIDCT: An AI service development and composition tool for constructing trustworthy intelligent systems AIDCT：用于构建可信智能系统的人工智能服务开发和组合工具

IF 3.2 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

High-Confidence Computing

Pub Date : 2024-05-10 DOI: 10.1016/j.hcc.2024.100227

The growing prevalence of AI services on cloud platforms is driving the demand for technologies and tools which enable the integration of multiple AI services to handle intricate tasks. Traditional methods of evaluating intelligent systems focus mainly on the performance of AI components, without providing comprehensive metrics for the system as a whole. Additionally, as these AI components are often sourced from third-party providers, users may face challenges due to inconsistent quality assurance and limitations in further developing AI models, and dealing with third-party service providers’ limitations. These limitations often involve quality assurance and a lack of capability for secondary development and training of services. To address these issues, we have developed a tool based on our previous work. It can autonomously build Intelligent systems from AI services while tackling the issues mentioned above. This tool not only creates service composition solutions that align with user-defined functional requirements and performance metrics but also executes these solutions to verify if the metrics meet user requirements. We have demonstrated the effectiveness of this tool in constructing trustworthy intelligent systems through a series of case studies.

云平台上的人工智能服务日益普及，推动了对能够整合多种人工智能服务以处理复杂任务的技术和工具的需求。传统的智能系统评估方法主要关注人工智能组件的性能，而不提供系统整体的综合指标。此外，由于这些人工智能组件通常来自第三方提供商，用户在进一步开发人工智能模型和处理第三方服务提供商的限制时，可能会面临质量保证不一致和限制等挑战。这些限制往往涉及质量保证以及缺乏二次开发和培训服务的能力。为了解决这些问题，我们在以往工作的基础上开发了一种工具。它可以自主地从人工智能服务中构建智能系统，同时解决上述问题。该工具不仅能创建符合用户定义的功能要求和性能指标的服务组成解决方案，还能执行这些解决方案，以验证指标是否符合用户要求。我们通过一系列案例研究证明了该工具在构建值得信赖的智能系统方面的有效性。

{"title":"AIDCT: An AI service development and composition tool for constructing trustworthy intelligent systems","authors":"","doi":"10.1016/j.hcc.2024.100227","DOIUrl":"10.1016/j.hcc.2024.100227","url":null,"abstract":"<div><div>The growing prevalence of AI services on cloud platforms is driving the demand for technologies and tools which enable the integration of multiple AI services to handle intricate tasks. Traditional methods of evaluating intelligent systems focus mainly on the performance of AI components, without providing comprehensive metrics for the system as a whole. Additionally, as these AI components are often sourced from third-party providers, users may face challenges due to inconsistent quality assurance and limitations in further developing AI models, and dealing with third-party service providers’ limitations. These limitations often involve quality assurance and a lack of capability for secondary development and training of services. To address these issues, we have developed a tool based on our previous work. It can autonomously build Intelligent systems from AI services while tackling the issues mentioned above. This tool not only creates service composition solutions that align with user-defined functional requirements and performance metrics but also executes these solutions to verify if the metrics meet user requirements. We have demonstrated the effectiveness of this tool in constructing trustworthy intelligent systems through a series of case studies.</div></div>","PeriodicalId":100605,"journal":{"name":"High-Confidence Computing","volume":"4 4","pages":"Article 100227"},"PeriodicalIF":3.2,"publicationDate":"2024-05-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141028150","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Review of data security within energy blockchain: A comprehensive analysis of storage, management, and utilization 审查能源区块链中的数据安全：对存储、管理和使用的全面分析

IF 3.2 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

High-Confidence Computing

Pub Date : 2024-04-24 DOI: 10.1016/j.hcc.2024.100233

Energy systems are currently undergoing a transformation towards new paradigms characterized by decarbonization, decentralization, democratization, and digitalization. In this evolving context, energy blockchain, aiming to enhance efficiency, transparency, and security, emerges as an integrated technological solution designed to address the diverse challenges in this field. Data security is essential for the reliable and efficient functioning of energy blockchain. The pressing need to address challenges related to secure data storage, effective data management, and efficient data utilization is increasingly vital. This paper offers a comprehensive survey of academic discourse on energy blockchain data security over the past five years, adopting an all-encompassing perspective that spans data storage, management, and utilization. Our work systematically evaluates and contrasts the strengths and weaknesses of various research methodologies. Additionally, this paper proposes an integrated hierarchical on-chain and off-chain security energy blockchain architecture, specifically designed to meet the complex security requirements of multi-blockchain business environments. Concludingly, this paper identifies key directions for future research, particularly in advancing the integration of storage, management, and utilization of energy blockchain data security.

能源系统目前正经历着一场变革，向着以去碳化、去中心化、民主化和数字化为特征的新模式发展。在这种不断发展的背景下，旨在提高效率、透明度和安全性的能源区块链作为一种综合技术解决方案应运而生，旨在应对该领域的各种挑战。数据安全对于能源区块链的可靠和高效运作至关重要。解决与安全数据存储、有效数据管理和高效数据利用有关的挑战的迫切需要越来越重要。本文采用涵盖数据存储、管理和利用的全方位视角，对过去五年有关能源区块链数据安全的学术论述进行了全面调查。我们的工作系统地评估和对比了各种研究方法的优缺点。此外，本文还提出了一种链上和链下一体化分层安全能源区块链架构，专门用于满足多区块链业务环境的复杂安全要求。最后，本文指出了未来研究的主要方向，特别是在推进能源区块链数据安全的存储、管理和利用一体化方面。

{"title":"Review of data security within energy blockchain: A comprehensive analysis of storage, management, and utilization","authors":"","doi":"10.1016/j.hcc.2024.100233","DOIUrl":"10.1016/j.hcc.2024.100233","url":null,"abstract":"<div><p>Energy systems are currently undergoing a transformation towards new paradigms characterized by decarbonization, decentralization, democratization, and digitalization. In this evolving context, energy blockchain, aiming to enhance efficiency, transparency, and security, emerges as an integrated technological solution designed to address the diverse challenges in this field. Data security is essential for the reliable and efficient functioning of energy blockchain. The pressing need to address challenges related to secure data storage, effective data management, and efficient data utilization is increasingly vital. This paper offers a comprehensive survey of academic discourse on energy blockchain data security over the past five years, adopting an all-encompassing perspective that spans data storage, management, and utilization. Our work systematically evaluates and contrasts the strengths and weaknesses of various research methodologies. Additionally, this paper proposes an integrated hierarchical on-chain and off-chain security energy blockchain architecture, specifically designed to meet the complex security requirements of multi-blockchain business environments. Concludingly, this paper identifies key directions for future research, particularly in advancing the integration of storage, management, and utilization of energy blockchain data security.</p></div>","PeriodicalId":100605,"journal":{"name":"High-Confidence Computing","volume":"4 3","pages":"Article 100233"},"PeriodicalIF":3.2,"publicationDate":"2024-04-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2667295224000369/pdfft?md5=f7e2a4d584d6483c6ca6513239cb3557&pid=1-s2.0-S2667295224000369-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140771830","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Federated data acquisition market: Architecture and a mean-field based data pricing strategy 联合数据采集市场：架构和基于均值场的数据定价策略

IF 3.2 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

High-Confidence Computing

Pub Date : 2024-04-22 DOI: 10.1016/j.hcc.2024.100232

Jiejun Hu-Bolz , Martin Reed , Kai Zhang , Zelei Liu , Juncheng Hu

With the increasing global mobile data traffic and daily user engagement, technologies, such as mobile crowdsensing, benefit hugely from the constant data flows from smartphone and IoT owners. However, the device users, as data owners, urgently require a secure and fair marketplace to negotiate with the data consumers. In this paper, we introduce a novel federated data acquisition market that consists of a group of local data aggregators (LDAs); a number of data owners; and, one data union to coordinate the data trade with the data consumers. Data consumers offer each data owner an individual price to stimulate participation. The mobile data owners naturally cooperate to gossip about individual prices with each other, which also leads to price fluctuation. It is challenging to analyse the interactions among the data owners and the data consumers using traditional game theory due to the complex price dynamics in a large-scale heterogeneous data acquisition scenario. Hence, we propose a data pricing strategy based on mean-field game (MFG) theory to model the data owners’ cost considering the price dynamics. We then investigate the interactions among the LDAs by using the distribution of price, namely the mean-field term. A numerical method is used to solve the proposed pricing strategy. The evaluations demonstrate that the proposed pricing strategy efficiently allows the data owners from multiple LDAs to reach an equilibrium on data quantity to sell regarding the current individual price scheme. The result further demonstrates that the influential LDAs determine the final price distribution. Last but not least, it shows that cooperation among mobile data owners leads to optimal social welfare even with the additional cost of information exchange.

随着全球移动数据流量和日常用户参与度的增加，移动众测等技术从智能手机和物联网用户的持续数据流中受益匪浅。然而，作为数据所有者的设备用户迫切需要一个安全、公平的市场来与数据消费者进行谈判。本文介绍了一种新的联邦数据采集市场，它由一组本地数据聚合器（lda）组成；若干数据所有者；建立一个数据联盟，协调数据交易与数据消费者之间的关系。数据消费者向每个数据所有者提供一个单独的价格，以刺激参与。移动数据所有者自然会相互合作八卦个人价格，这也导致了价格的波动。由于大规模异构数据采集场景中复杂的价格动态，使用传统博弈论分析数据所有者和数据消费者之间的相互作用具有挑战性。因此，我们提出了一种基于平均场博弈理论的数据定价策略，以考虑价格动态对数据所有者成本进行建模。然后，我们利用价格分布（即平均场项）来研究lda之间的相互作用。采用数值方法求解所提出的定价策略。评估结果表明，所提出的定价策略能够有效地使来自多个lda的数据所有者在当前单个价格方案下达到数据数量的平衡。结果进一步表明，有影响力的lda决定了最终的价格分布。最后但并非最不重要的是，它表明，即使有额外的信息交换成本，移动数据所有者之间的合作也会带来最优的社会福利。

{"title":"Federated data acquisition market: Architecture and a mean-field based data pricing strategy","authors":"Jiejun Hu-Bolz , Martin Reed , Kai Zhang , Zelei Liu , Juncheng Hu","doi":"10.1016/j.hcc.2024.100232","DOIUrl":"10.1016/j.hcc.2024.100232","url":null,"abstract":"<div><div>With the increasing global mobile data traffic and daily user engagement, technologies, such as mobile crowdsensing, benefit hugely from the constant data flows from smartphone and IoT owners. However, the device users, as data owners, urgently require a secure and fair marketplace to negotiate with the data consumers. In this paper, we introduce a novel federated data acquisition market that consists of a group of local data aggregators (LDAs); a number of data owners; and, one data union to coordinate the data trade with the data consumers. Data consumers offer each data owner an individual price to stimulate participation. The mobile data owners naturally cooperate to gossip about individual prices with each other, which also leads to price fluctuation. It is challenging to analyse the interactions among the data owners and the data consumers using traditional game theory due to the complex price dynamics in a large-scale heterogeneous data acquisition scenario. Hence, we propose a data pricing strategy based on mean-field game (MFG) theory to model the data owners’ cost considering the price dynamics. We then investigate the interactions among the LDAs by using the distribution of price, namely the mean-field term. A numerical method is used to solve the proposed pricing strategy. The evaluations demonstrate that the proposed pricing strategy efficiently allows the data owners from multiple LDAs to reach an equilibrium on data quantity to sell regarding the current individual price scheme. The result further demonstrates that the influential LDAs determine the final price distribution. Last but not least, it shows that cooperation among mobile data owners leads to optimal social welfare even with the additional cost of information exchange.</div></div>","PeriodicalId":100605,"journal":{"name":"High-Confidence Computing","volume":"5 1","pages":"Article 100232"},"PeriodicalIF":3.2,"publicationDate":"2024-04-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140768406","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Modular neural network for edge-based detection of early-stage IoT botnet 基于边缘检测早期物联网僵尸网络的模块化神经网络

IF 3.2 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

High-Confidence Computing

Pub Date : 2024-04-16 DOI: 10.1016/j.hcc.2024.100230

Duaa Alqattan , Varun Ojha , Fawzy Habib , Ayman Noor , Graham Morgan , Rajiv Ranjan

The Internet of Things (IoT) has led to rapid growth in smart cities. However, IoT botnet-based attacks against smart city systems are becoming more prevalent. Detection methods for IoT botnet-based attacks have been the subject of extensive research, but the identification of early-stage behaviour of the IoT botnet prior to any attack remains a largely unexplored area that could prevent any attack before it is launched. Few studies have addressed the early stages of IoT botnet detection using monolithic deep learning algorithms that could require more time for training and detection. We, however, propose an edge-based deep learning system for the detection of the early stages of IoT botnets in smart cities. The proposed system, which we call EDIT (Edge-based Detection of early-stage IoT Botnet), aims to detect abnormalities in network communication traffic caused by early-stage IoT botnets based on the modular neural network (MNN) method at multi-access edge computing (MEC) servers. MNN can improve detection accuracy and efficiency by leveraging parallel computing on MEC. According to the findings, EDIT has a lower false-negative rate compared to a monolithic approach and other studies. At the MEC server, EDIT takes as little as 16 ms for the detection of an IoT botnet.

物联网（IoT）推动了智慧城市的快速发展。然而，针对智慧城市系统的基于物联网僵尸网络的攻击正变得越来越普遍。基于物联网僵尸网络的攻击检测方法一直是广泛研究的主题，但在任何攻击之前识别物联网僵尸网络的早期行为仍然是一个很大程度上未开发的领域，可以在发起任何攻击之前阻止任何攻击。很少有研究使用单片深度学习算法解决物联网僵尸网络检测的早期阶段，这可能需要更多的时间来训练和检测。然而，我们提出了一种基于边缘的深度学习系统，用于检测智慧城市中物联网僵尸网络的早期阶段。我们提出的系统称为EDIT (edge -based Detection of early stage IoT Botnet)，旨在基于多访问边缘计算（MEC）服务器的模块化神经网络（MNN）方法检测早期IoT僵尸网络引起的网络通信流量异常。MNN可以利用MEC上的并行计算来提高检测精度和效率。根据研究结果，与单一方法和其他研究相比，EDIT的假阴性率较低。在MEC服务器上，EDIT只需16毫秒即可检测到物联网僵尸网络。

{"title":"Modular neural network for edge-based detection of early-stage IoT botnet","authors":"Duaa Alqattan , Varun Ojha , Fawzy Habib , Ayman Noor , Graham Morgan , Rajiv Ranjan","doi":"10.1016/j.hcc.2024.100230","DOIUrl":"10.1016/j.hcc.2024.100230","url":null,"abstract":"<div><div>The Internet of Things (IoT) has led to rapid growth in smart cities. However, IoT botnet-based attacks against smart city systems are becoming more prevalent. Detection methods for IoT botnet-based attacks have been the subject of extensive research, but the identification of early-stage behaviour of the IoT botnet prior to any attack remains a largely unexplored area that could prevent any attack before it is launched. Few studies have addressed the early stages of IoT botnet detection using monolithic deep learning algorithms that could require more time for training and detection. We, however, propose an edge-based deep learning system for the detection of the early stages of IoT botnets in smart cities. The proposed system, which we call EDIT (<u>E</u>dge-based <u>D</u>etection of early-stage <u>I</u>oT Botne<u>t</u>), aims to detect abnormalities in network communication traffic caused by early-stage IoT botnets based on the modular neural network (MNN) method at multi-access edge computing (MEC) servers. MNN can improve detection accuracy and efficiency by leveraging parallel computing on MEC. According to the findings, EDIT has a lower false-negative rate compared to a monolithic approach and other studies. At the MEC server, EDIT takes as little as 16 ms for the detection of an IoT botnet.</div></div>","PeriodicalId":100605,"journal":{"name":"High-Confidence Computing","volume":"5 1","pages":"Article 100230"},"PeriodicalIF":3.2,"publicationDate":"2024-04-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140778543","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Unsupervised machine learning approach for tailoring educational content to individual student weaknesses 无监督机器学习法，针对学生个体弱点定制教育内容

IF 3.2 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

High-Confidence Computing

Pub Date : 2024-04-16 DOI: 10.1016/j.hcc.2024.100228

By analyzing data gathered through Online Learning (OL) systems, data mining can be used to unearth hidden relationships between topics and trends in student performance. Here, in this paper, we show how data mining techniques such as clustering and association rule algorithms can be used on historical data to develop a unique recommendation system module. In our implementation, we utilize historical data to generate association rules specifically for student test marks below a threshold of 60%. By focusing on marks below this threshold, we aim to identify and establish associations based on the patterns of weakness observed in the past data. Additionally, we leverage K-means clustering to provide instructors with visual representations of the generated associations. This strategy aids instructors in better comprehending the information and associations produced by the algorithms. K-means clustering helps visualize and organize the data in a way that makes it easier for instructors to analyze and gain insights, enabling them to support the verification of the relationship between topics. This can be a useful tool to deliver better feedback to students as well as provide better insights to instructors when developing their pedagogy. This paper further shows a prototype implementation of the above-mentioned concepts to gain opinions and insights about the usability and viability of the proposed system.

通过分析在线学习（OL）系统收集到的数据，数据挖掘可以用来发现主题之间隐藏的关系和学生成绩的趋势。在本文中，我们展示了如何将聚类和关联规则算法等数据挖掘技术用于历史数据，以开发独特的推荐系统模块。在我们的实施过程中，我们利用历史数据生成关联规则，专门针对低于 60% 临界值的学生考试分数。通过关注低于这一阈值的分数，我们旨在根据过去数据中观察到的薄弱环节模式来识别和建立关联。此外，我们还利用 K 均值聚类为教师提供生成关联的可视化表示。这一策略有助于教师更好地理解算法生成的信息和关联。K-means 聚类有助于以可视化的方式组织数据，使教师更容易分析和洞察，从而为验证主题之间的关系提供支持。这可以成为一个有用的工具，为学生提供更好的反馈，并为教师在制定教学法时提供更好的见解。本文进一步展示了上述概念的原型实现，以获得有关拟议系统可用性和可行性的意见和见解。

{"title":"Unsupervised machine learning approach for tailoring educational content to individual student weaknesses","authors":"","doi":"10.1016/j.hcc.2024.100228","DOIUrl":"10.1016/j.hcc.2024.100228","url":null,"abstract":"<div><div>By analyzing data gathered through Online Learning (OL) systems, data mining can be used to unearth hidden relationships between topics and trends in student performance. Here, in this paper, we show how data mining techniques such as clustering and association rule algorithms can be used on historical data to develop a unique recommendation system module. In our implementation, we utilize historical data to generate association rules specifically for student test marks below a threshold of 60%. By focusing on marks below this threshold, we aim to identify and establish associations based on the patterns of weakness observed in the past data. Additionally, we leverage K-means clustering to provide instructors with visual representations of the generated associations. This strategy aids instructors in better comprehending the information and associations produced by the algorithms. K-means clustering helps visualize and organize the data in a way that makes it easier for instructors to analyze and gain insights, enabling them to support the verification of the relationship between topics. This can be a useful tool to deliver better feedback to students as well as provide better insights to instructors when developing their pedagogy. This paper further shows a prototype implementation of the above-mentioned concepts to gain opinions and insights about the usability and viability of the proposed system.</div></div>","PeriodicalId":100605,"journal":{"name":"High-Confidence Computing","volume":"4 4","pages":"Article 100228"},"PeriodicalIF":3.2,"publicationDate":"2024-04-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140782041","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

EPri-MDAS: An efficient privacy-preserving multiple data aggregation scheme without trusted authority for fog-based smart grid EPri-MDAS：基于雾的智能电网的高效隐私保护多数据聚合方案（无需可信机构

IF 3.2 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

High-Confidence Computing

Pub Date : 2024-04-15 DOI: 10.1016/j.hcc.2024.100226

With the increasingly pervasive deployment of fog servers, fog computing extends data processing and analysis to network edges. At the same time, as the next-generation power grid, the smart grid should meet the requirements of security, efficiency, and real-time monitoring of user energy consumption. By utilizing the low-latency and distributed properties of fog computing, it can improve communication efficiency and user service satisfaction in smart grids. For the sake of providing adequate functionality for the power grid, various schemes have been proposed. Whereas, many methods are vulnerable to privacy leakage since the existence of trusted authority may increase the exposure to threats. In this paper, we propose the EPri-MDAS: an Efficient Privacy-preserving Multiple Data Aggregation Scheme without trusted authority based on the ElGamal homomorphic cryptosystem, which achieves both data integrity verification and data source authentication with the most efficient block cipher-based authenticated encryption algorithm. It performs well in energy efficiency with strong security. Especially, the proposed multidimensional aggregation statistics scheme can perform the fine-grained data analyses; it also allows for fault tolerance while protecting personal privacy. The security analysis and simulation experiments show that EPri-MDAS can satisfy the security requirements and work efficiently in the smart grid.

随着雾服务器部署的日益普及，雾计算将数据处理和分析扩展到了网络边缘。同时，作为下一代电网，智能电网应满足安全、高效和实时监控用户能耗的要求。利用雾计算的低延迟和分布式特性，可以提高智能电网的通信效率和用户服务满意度。为了给电网提供足够的功能，人们提出了各种方案。然而，由于可信机构的存在可能会增加威胁的风险，因此许多方法都容易造成隐私泄露。在本文中，我们提出了 EPri-MDAS：一种基于 ElGamal 同态加密系统的高效隐私保护多重数据聚合方案，该方案不需要可信机构，通过最高效的基于块密码的认证加密算法实现了数据完整性验证和数据源认证。它在高能效和强安全性方面表现出色。特别是所提出的多维聚合统计方案可以进行细粒度的数据分析，还能在保护个人隐私的同时实现容错。安全分析和仿真实验表明，EPri-MDAS 能够满足智能电网的安全要求并高效工作。

{"title":"EPri-MDAS: An efficient privacy-preserving multiple data aggregation scheme without trusted authority for fog-based smart grid","authors":"","doi":"10.1016/j.hcc.2024.100226","DOIUrl":"10.1016/j.hcc.2024.100226","url":null,"abstract":"<div><div>With the increasingly pervasive deployment of fog servers, fog computing extends data processing and analysis to network edges. At the same time, as the next-generation power grid, the smart grid should meet the requirements of security, efficiency, and real-time monitoring of user energy consumption. By utilizing the low-latency and distributed properties of fog computing, it can improve communication efficiency and user service satisfaction in smart grids. For the sake of providing adequate functionality for the power grid, various schemes have been proposed. Whereas, many methods are vulnerable to privacy leakage since the existence of trusted authority may increase the exposure to threats. In this paper, we propose the EPri-MDAS: an <em>E</em>fficient <em>Pri</em>vacy-preserving <em>M</em>ultiple <em>D</em>ata <em>A</em>ggregation <em>S</em>cheme without trusted authority based on the ElGamal homomorphic cryptosystem, which achieves both data integrity verification and data source authentication with the most efficient block cipher-based authenticated encryption algorithm. It performs well in energy efficiency with strong security. Especially, the proposed multidimensional aggregation statistics scheme can perform the fine-grained data analyses; it also allows for fault tolerance while protecting personal privacy. The security analysis and simulation experiments show that EPri-MDAS can satisfy the security requirements and work efficiently in the smart grid.</div></div>","PeriodicalId":100605,"journal":{"name":"High-Confidence Computing","volume":"4 4","pages":"Article 100226"},"PeriodicalIF":3.2,"publicationDate":"2024-04-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140782430","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Optimal filter assignment policy against link flooding attack 针对链路泛洪攻击的最佳滤波器分配策略

IF 3.2 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

High-Confidence Computing

Pub Date : 2024-04-15 DOI: 10.1016/j.hcc.2024.100231

Rajorshi Biswas , Jie Wu , Wei Chang , Pouya Ostovari

A Link Flooding Attack (LFA) is a special type of Denial-of-Service (DoS) attack in which the attacker sends out a huge number of requests to exhaust the capacity of a link on the path the traffic comes to a server. As a result, user traffic cannot reach the server. As a result, DoS and degradation of Quality-of-Service (QoS) occur. Because the attack traffic does not go to the victim, protecting the legitimate traffic alone is hard for the victim. The victim can protect its legitimate traffic by using a special type of router called filter router (FR). An FR can receive server filters and apply them to block a link incident to it. An FR probabilistically appends its own IP address to packets it forwards, and the victim uses that information to discover the traffic topology. By analyzing traffic rates and paths, the victim identifies some links that may be congested. The victim needs to select some of these possible congested links (PCLs) and send a filter to the corresponding FR so that legitimate traffic avoids congested paths. In this paper, we formulate two optimization problems for blocking the least number of PCLs so that the legitimate traffic goes through a non-congested path. We consider the scenario where every user has at least one non-congested shortest path in the first problem. We extend the first problem to a scenario where there are some users whose shortest paths are all congested. We transform the original problem to the vertex separation problem to find the links to block. We use a custom-built Java multi-threaded simulator and conduct extensive simulations to support our solutions.

链路泛洪攻击（Link Flooding Attack， LFA）是一种特殊类型的DoS （Denial-of-Service）攻击，攻击者通过发送大量请求来耗尽流量到达服务器路径上链路的容量。因此，用户流量无法到达服务器。因此，会出现拒绝服务和服务质量（QoS）的降低。由于攻击流量没有到达受害者，因此受害者很难单独保护合法流量。受害者可以通过使用一种称为过滤路由器（FR）的特殊类型的路由器来保护其合法流量。FR可以接收服务器筛选器并应用它们来阻止与它相关的链接。FR很可能会将自己的IP地址附加到它转发的数据包中，受害者使用该信息来发现流量拓扑。通过分析流量速率和路径，受害者可以识别出可能出现拥塞的链路。受害者需要从这些可能的拥塞链路中选择一些，并向相应的FR发送过滤器，使合法流量避免拥塞路径。在本文中，我们制定了两个优化问题，以阻塞最少数量的pcl，使合法流量通过一个非拥塞的路径。我们考虑这样的场景：在第一个问题中，每个用户至少有一条非拥塞最短路径。我们将第一个问题扩展到这样一个场景：有些用户的最短路径都是拥塞的。我们将原问题转化为顶点分离问题来寻找要阻塞的链接。我们使用定制的Java多线程模拟器，并进行广泛的模拟来支持我们的解决方案。

{"title":"Optimal filter assignment policy against link flooding attack","authors":"Rajorshi Biswas , Jie Wu , Wei Chang , Pouya Ostovari","doi":"10.1016/j.hcc.2024.100231","DOIUrl":"10.1016/j.hcc.2024.100231","url":null,"abstract":"<div><div>A Link Flooding Attack (LFA) is a special type of Denial-of-Service (DoS) attack in which the attacker sends out a huge number of requests to exhaust the capacity of a link on the path the traffic comes to a server. As a result, user traffic cannot reach the server. As a result, DoS and degradation of Quality-of-Service (QoS) occur. Because the attack traffic does not go to the victim, protecting the legitimate traffic alone is hard for the victim. The victim can protect its legitimate traffic by using a special type of router called filter router (FR). An FR can receive server filters and apply them to block a link incident to it. An FR probabilistically appends its own IP address to packets it forwards, and the victim uses that information to discover the traffic topology. By analyzing traffic rates and paths, the victim identifies some links that may be congested. The victim needs to select some of these possible congested links (PCLs) and send a filter to the corresponding FR so that legitimate traffic avoids congested paths. In this paper, we formulate two optimization problems for blocking the least number of PCLs so that the legitimate traffic goes through a non-congested path. We consider the scenario where every user has at least one non-congested shortest path in the first problem. We extend the first problem to a scenario where there are some users whose shortest paths are all congested. We transform the original problem to the vertex separation problem to find the links to block. We use a custom-built Java multi-threaded simulator and conduct extensive simulations to support our solutions.</div></div>","PeriodicalId":100605,"journal":{"name":"High-Confidence Computing","volume":"5 1","pages":"Article 100231"},"PeriodicalIF":3.2,"publicationDate":"2024-04-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140783141","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

An attribute-based access control scheme using blockchain technology for IoT data protection 利用区块链技术保护物联网数据的基于属性的访问控制方案

IF 3.2 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

High-Confidence Computing

Pub Date : 2024-04-09 DOI: 10.1016/j.hcc.2024.100199

With the wide application of the Internet of Things (IoT), storing large amounts of IoT data and protecting data privacy has become a meaningful issue. In general, the access control mechanism is used to prevent illegal users from accessing private data. However, traditional data access control schemes face some non-ignorable problems, such as only supporting coarse-grained access control, the risk of centralization, and high trust issues. In this paper, an attribute-based data access control scheme using blockchain technology is proposed. To address these problems, attribute-based encryption (ABE) has become a promising solution for encrypted data access control. Firstly, we utilize blockchain technology to construct a decentralized access control scheme, which can grant data access with transparency and traceability. Furthermore, our scheme also guarantees the privacy of policies and attributes on the blockchain network. Secondly, we optimize an ABE scheme, which makes the size of system parameters smaller and improves the efficiency of algorithms. These optimizations enable our proposed scheme supports large attribute universe requirements in IoT environments. Thirdly, to prohibit attribute impersonation and attribute replay attacks, we design a challenge-response mechanism to verify the ownership of attributes. Finally, we evaluate the security and performance of the scheme. And comparisons with other related schemes show the advantages of our proposed scheme. Compared to existing schemes, our scheme has more comprehensive advantages, such as supporting a large universe, full security, expressive policy, and policy hiding.

随着物联网（IoT）的广泛应用，存储大量物联网数据和保护数据隐私已成为一个有意义的问题。一般来说，访问控制机制用于防止非法用户访问隐私数据。然而，传统的数据访问控制方案面临着一些不可忽视的问题，如仅支持粗粒度访问控制、集中化风险和高信任问题等。本文提出了一种利用区块链技术的基于属性的数据访问控制方案。为了解决这些问题，基于属性的加密（ABE）已成为加密数据访问控制的一种有前途的解决方案。首先，我们利用区块链技术构建了一种去中心化的访问控制方案，该方案可以透明、可追溯地授予数据访问权限。此外，我们的方案还能保证区块链网络中策略和属性的隐私性。其次，我们优化了 ABE 方案，使系统参数的大小更小，并提高了算法的效率。这些优化使我们提出的方案能够支持物联网环境中的大型属性宇宙需求。第三，为了禁止属性冒充和属性重放攻击，我们设计了一种挑战-响应机制来验证属性的所有权。最后，我们对方案的安全性和性能进行了评估。与其他相关方案的比较显示了我们提出的方案的优势。与现有方案相比，我们的方案具有更全面的优势，如支持大宇宙、全面安全、策略表现力强、策略隐藏等。

{"title":"An attribute-based access control scheme using blockchain technology for IoT data protection","authors":"","doi":"10.1016/j.hcc.2024.100199","DOIUrl":"10.1016/j.hcc.2024.100199","url":null,"abstract":"<div><p>With the wide application of the Internet of Things (IoT), storing large amounts of IoT data and protecting data privacy has become a meaningful issue. In general, the access control mechanism is used to prevent illegal users from accessing private data. However, traditional data access control schemes face some non-ignorable problems, such as only supporting coarse-grained access control, the risk of centralization, and high trust issues. In this paper, an attribute-based data access control scheme using blockchain technology is proposed. To address these problems, attribute-based encryption (ABE) has become a promising solution for encrypted data access control. Firstly, we utilize blockchain technology to construct a decentralized access control scheme, which can grant data access with transparency and traceability. Furthermore, our scheme also guarantees the privacy of policies and attributes on the blockchain network. Secondly, we optimize an ABE scheme, which makes the size of system parameters smaller and improves the efficiency of algorithms. These optimizations enable our proposed scheme supports large attribute universe requirements in IoT environments. Thirdly, to prohibit attribute impersonation and attribute replay attacks, we design a challenge-response mechanism to verify the ownership of attributes. Finally, we evaluate the security and performance of the scheme. And comparisons with other related schemes show the advantages of our proposed scheme. Compared to existing schemes, our scheme has more comprehensive advantages, such as supporting a large universe, full security, expressive policy, and policy hiding.</p></div>","PeriodicalId":100605,"journal":{"name":"High-Confidence Computing","volume":"4 3","pages":"Article 100199"},"PeriodicalIF":3.2,"publicationDate":"2024-04-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2667295224000023/pdfft?md5=94aae462b2facd3898d43562d260127f&pid=1-s2.0-S2667295224000023-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140790567","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0