Pub Date : 2024-10-21DOI: 10.1109/TIFS.2024.3484155
Liqing Chen;Jiayi Li;Jiguo Li;Jian Weng
In recent years, many cloud service providers adopt the pay-per-query model to offer paid search services to the public. The data owner rents the resources of cloud service providers and charges the data user a fee based on the data volume to be queried. While this commercial model offers flexibility, convenience, and cost-effectiveness, it comes with a significant vulnerability to data breaches. Public-key authentication encryption with keyword search (PAEKS) is a technology which is well applied in the pay-per-query model. But there is no PAEKS scheme applicable to this scenario. For this purpose, we present public-key authentication encryption with similar data search for pay-per-query (PAESS) and construct the first idiographic scheme PAESS-I. PAESS-I utilizes Shamir secret sharing and locality sensitive hashing to implement similar data search, has the verifiability of results, adds the charge function to prevent cloud servers and data users from colluding to deny deductions. We propose the second scheme PAESS-II based on PAESS-I, which is a mobile-friendly lightweight PAESS. Our second scheme operates in the pay-per-query model without pairing and exponential operations. PAESS-I satisfies ciphertext indistinguishability and trapdoor indistinguishability, and sacrifices the computational performance in favor of the pay-per-query model. The optimized PAESS-II is resistant to adaptively-chosen-targets attack, and satisfies ciphertext indistinguishability and trapdoor indistinguishability. PAESS-II distinguishes itself from other existing similar schemes by having the same characteristics as PAESS-I, along with the benefits when it comes to the calculation cost.
{"title":"PAESS: Public-Key Authentication Encryption With Similar Data Search for Pay-Per-Query","authors":"Liqing Chen;Jiayi Li;Jiguo Li;Jian Weng","doi":"10.1109/TIFS.2024.3484155","DOIUrl":"10.1109/TIFS.2024.3484155","url":null,"abstract":"In recent years, many cloud service providers adopt the pay-per-query model to offer paid search services to the public. The data owner rents the resources of cloud service providers and charges the data user a fee based on the data volume to be queried. While this commercial model offers flexibility, convenience, and cost-effectiveness, it comes with a significant vulnerability to data breaches. Public-key authentication encryption with keyword search (PAEKS) is a technology which is well applied in the pay-per-query model. But there is no PAEKS scheme applicable to this scenario. For this purpose, we present public-key authentication encryption with similar data search for pay-per-query (PAESS) and construct the first idiographic scheme PAESS-I. PAESS-I utilizes Shamir secret sharing and locality sensitive hashing to implement similar data search, has the verifiability of results, adds the charge function to prevent cloud servers and data users from colluding to deny deductions. We propose the second scheme PAESS-II based on PAESS-I, which is a mobile-friendly lightweight PAESS. Our second scheme operates in the pay-per-query model without pairing and exponential operations. PAESS-I satisfies ciphertext indistinguishability and trapdoor indistinguishability, and sacrifices the computational performance in favor of the pay-per-query model. The optimized PAESS-II is resistant to adaptively-chosen-targets attack, and satisfies ciphertext indistinguishability and trapdoor indistinguishability. PAESS-II distinguishes itself from other existing similar schemes by having the same characteristics as PAESS-I, along with the benefits when it comes to the calculation cost.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"19 ","pages":"9910-9923"},"PeriodicalIF":6.3,"publicationDate":"2024-10-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142486898","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-10-21DOI: 10.1109/tifs.2024.3484291
Rujia Li, Qin Wang, Yuanzhao Li, Sisi Duan, Qi Wang, David Galindo
{"title":"Bringing Smart Contract Confidentiality via Trusted Hardware: Fact and Fiction","authors":"Rujia Li, Qin Wang, Yuanzhao Li, Sisi Duan, Qi Wang, David Galindo","doi":"10.1109/tifs.2024.3484291","DOIUrl":"https://doi.org/10.1109/tifs.2024.3484291","url":null,"abstract":"","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"21 1","pages":""},"PeriodicalIF":6.8,"publicationDate":"2024-10-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142486608","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-10-18DOI: 10.1109/TIFS.2024.3483551
Ya Gao;Haocheng Ma;Qizhi Zhang;Xintong Song;Yier Jin;Jiaji He;Yiqiang Zhao
Electromagnetic side-channel analysis (EM SCA) attack poses a serious threat to integrated circuits (ICs), necessitating timely vulnerability detection before deployment to enhance EM side-channel security. Various EM simulation methods have emerged for analyzing EM side-channel leakage, providing sufficiently accurate results. However, these simulator-based methods still face two principal challenges in the design process of high security chips. Firstly, the large volume of measurement data required for a single security evaluation results in substantial time overhead. Secondly, design iterations lead to repetitive security evaluations, thus increasing the evaluation cost. In this paper, we propose EMSim+ which includes two efficient and accurate layout-level EM side-channel leakage evaluation frameworks named EMSim+GAN and EMSim+GAN+TL to mitigate the above challenges, respectively. EMSim+GAN integrates a Generative Adversarial Network (GAN) model that utilizes the chip’s cell current and power grid information to predict EM emanations quickly. EMSim+GAN+TL further incorporates transfer learning (TL) within the framework, leveraging the experience of existing designs to reduce the training datasets for new designs and achieve the target accuracy. We compare the simulation results of EMSim+ with the state-of-the-art EM simulation tool, EMSim as well as silicon measurements. Experimental results not only prove the high efficiency and high simulation accuracy of EMSim+, but also verify its generalization ability across different designs and technology nodes.
{"title":"EMSim+: Accelerating Electromagnetic Security Evaluation With Generative Adversarial Network and Transfer Learning","authors":"Ya Gao;Haocheng Ma;Qizhi Zhang;Xintong Song;Yier Jin;Jiaji He;Yiqiang Zhao","doi":"10.1109/TIFS.2024.3483551","DOIUrl":"10.1109/TIFS.2024.3483551","url":null,"abstract":"Electromagnetic side-channel analysis (EM SCA) attack poses a serious threat to integrated circuits (ICs), necessitating timely vulnerability detection before deployment to enhance EM side-channel security. Various EM simulation methods have emerged for analyzing EM side-channel leakage, providing sufficiently accurate results. However, these simulator-based methods still face two principal challenges in the design process of high security chips. Firstly, the large volume of measurement data required for a single security evaluation results in substantial time overhead. Secondly, design iterations lead to repetitive security evaluations, thus increasing the evaluation cost. In this paper, we propose EMSim+ which includes two efficient and accurate layout-level EM side-channel leakage evaluation frameworks named EMSim+GAN and EMSim+GAN+TL to mitigate the above challenges, respectively. EMSim+GAN integrates a Generative Adversarial Network (GAN) model that utilizes the chip’s cell current and power grid information to predict EM emanations quickly. EMSim+GAN+TL further incorporates transfer learning (TL) within the framework, leveraging the experience of existing designs to reduce the training datasets for new designs and achieve the target accuracy. We compare the simulation results of EMSim+ with the state-of-the-art EM simulation tool, EMSim as well as silicon measurements. Experimental results not only prove the high efficiency and high simulation accuracy of EMSim+, but also verify its generalization ability across different designs and technology nodes.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"19 ","pages":"9881-9893"},"PeriodicalIF":6.3,"publicationDate":"2024-10-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142449574","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-10-18DOI: 10.1109/TIFS.2024.3483669
Hang Liu;Anna Scaglione;Sean Peisert
Graph matching over two given graphs is a well-established method for re-identifying obscured node labels within an anonymous graph by matching the corresponding nodes in a reference graph. This paper studies a new application, termed the graph-signal-to-graph matching (GS2GM) problem, where the attacker observes a set of filtered graph signals originating from a hidden graph. These signals are generated through an unknown graph filter activated by certain input excitation signals. Our goal is to match their components to a labeled reference graph to reveal the labels of asymmetric nodes in this unknown graph, where the excitations can be either known or unknown to the attacker. To this end, we integrate the existing blind graph matching algorithm with techniques of graph filter inference and covariance-based eigenvector estimation. Furthermore, we establish sufficient conditions for perfect node de-anonymization through graph signals, showing that graph signals can leak substantial private information on the concealed labels of the underlying graph. Experimental results validate our theoretical insights and demonstrate that the proposed attack effectively reveals many of the hidden labels, particularly when the graph signals are adequately uncorrelated and sampled.
{"title":"Graph-Signal-to-Graph Matching for Network De-Anonymization Attacks","authors":"Hang Liu;Anna Scaglione;Sean Peisert","doi":"10.1109/TIFS.2024.3483669","DOIUrl":"10.1109/TIFS.2024.3483669","url":null,"abstract":"Graph matching over two given graphs is a well-established method for re-identifying obscured node labels within an anonymous graph by matching the corresponding nodes in a reference graph. This paper studies a new application, termed the graph-signal-to-graph matching (GS2GM) problem, where the attacker observes a set of filtered graph signals originating from a hidden graph. These signals are generated through an unknown graph filter activated by certain input excitation signals. Our goal is to match their components to a labeled reference graph to reveal the labels of asymmetric nodes in this unknown graph, where the excitations can be either known or unknown to the attacker. To this end, we integrate the existing blind graph matching algorithm with techniques of graph filter inference and covariance-based eigenvector estimation. Furthermore, we establish sufficient conditions for perfect node de-anonymization through graph signals, showing that graph signals can leak substantial private information on the concealed labels of the underlying graph. Experimental results validate our theoretical insights and demonstrate that the proposed attack effectively reveals many of the hidden labels, particularly when the graph signals are adequately uncorrelated and sampled.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"19 ","pages":"10043-10057"},"PeriodicalIF":6.3,"publicationDate":"2024-10-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142449605","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-10-17DOI: 10.1109/TIFS.2024.3482861
Xiaofang Chen;Xue Fu;Wenbo Xu;Yue Wang;Guan Gui
Specific emitter identification (SEI) is important to guarantee the security of device administration. Recently, to increase the effectiveness of the recognition, traditional SEI employing only one sensor has been extended to the scenario with multiple sensors. However, the inherent distortion at different sensors impacts the radio frequency fingerprints (RFFs) of the emitter independently, which inevitably leads to the non-universalization of the features extracted at different sensors. Besides, variational modal decomposition (VMD), which is an effective preprocessing in SEI, has not been well investigated in noisy scenarios. To combat the environment noise, this paper proposes two joint VMD (JVMD) algorithms, i.e., JVMD for ignoring the distortions at sensors (I-JVMD) and JVMD for considering the distortions at sensors (C-JVMD). Specifically, I-JVMD exploits the consistency of the central frequencies and intrinsic modal functions (IMFs) of multiple sensors, and C-JVMD further estimates and filters out the phase noise at each sensor that may distort the RFFs of the emitter. Simulations of the proposed JVMD algorithms and their corresponding applications in SEI are provided on two real-world datasets. When compared with the traditional VMD, the proposed ones improve the accuracy of device classification and the robustness towards noise.
特定发射器识别(SEI)对于保证设备管理的安全性非常重要。最近,为了提高识别的有效性,传统的只使用一个传感器的特定发射器识别(SEI)已扩展到使用多个传感器的情况。然而,不同传感器的固有失真会对发射器的射频指纹(RFF)产生独立影响,这不可避免地导致不同传感器提取的特征不通用。此外,变异模态分解(VMD)是 SEI 中一种有效的预处理方法,但在噪声场景中还没有得到很好的研究。为了消除环境噪声,本文提出了两种联合 VMD(JVMD)算法,即忽略传感器失真的 JVMD(I-JVMD)和考虑传感器失真的 JVMD(C-JVMD)。具体来说,I-JVMD 利用了多个传感器的中心频率和本征模态函数 (IMF) 的一致性,而 C-JVMD 则进一步估计并滤除每个传感器上可能会扭曲发射器 RFF 的相位噪声。我们在两个实际数据集上模拟了所提出的 JVMD 算法及其在 SEI 中的相应应用。与传统的 VMD 相比,所提出的算法提高了设备分类的准确性和对噪声的鲁棒性。
{"title":"Joint Variational Modal Decomposition for Specific Emitter Identification With Multiple Sensors","authors":"Xiaofang Chen;Xue Fu;Wenbo Xu;Yue Wang;Guan Gui","doi":"10.1109/TIFS.2024.3482861","DOIUrl":"10.1109/TIFS.2024.3482861","url":null,"abstract":"Specific emitter identification (SEI) is important to guarantee the security of device administration. Recently, to increase the effectiveness of the recognition, traditional SEI employing only one sensor has been extended to the scenario with multiple sensors. However, the inherent distortion at different sensors impacts the radio frequency fingerprints (RFFs) of the emitter independently, which inevitably leads to the non-universalization of the features extracted at different sensors. Besides, variational modal decomposition (VMD), which is an effective preprocessing in SEI, has not been well investigated in noisy scenarios. To combat the environment noise, this paper proposes two joint VMD (JVMD) algorithms, i.e., JVMD for ignoring the distortions at sensors (I-JVMD) and JVMD for considering the distortions at sensors (C-JVMD). Specifically, I-JVMD exploits the consistency of the central frequencies and intrinsic modal functions (IMFs) of multiple sensors, and C-JVMD further estimates and filters out the phase noise at each sensor that may distort the RFFs of the emitter. Simulations of the proposed JVMD algorithms and their corresponding applications in SEI are provided on two real-world datasets. When compared with the traditional VMD, the proposed ones improve the accuracy of device classification and the robustness towards noise.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"19 ","pages":"9938-9953"},"PeriodicalIF":6.3,"publicationDate":"2024-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142448469","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-10-17DOI: 10.1109/TIFS.2024.3482724
Caiqun Shi;Qinlong Huang;Rui Jian;Genghui Chi
The quality of medical services is improved by sharing electronic medical records (EMRs) across multiple medical institutions via cloud edge. However, EMRs contain private information about patients, and cloud servers are untrustworthy, thus they cannot be shared arbitrarily among senders and receivers. Access control encryption (ACE) is a preferred technique that produces encrypted EMRs and then restricts the capabilities of both senders and receivers to enforce the EMR flow via sanitizers. However, existing cross-domain ACE schemes employ a single sender authority to issue encryption keys for senders, which suffers from single point of failure and encryption key escrow that the sender authority can public EMRs arbitrarily. Moreover, they only support coarse-grained access structures such as AND gates, which is not suitable for flexible EMR sharing among medical institutions. To this end, we propose a cross-domain inner-product ACE (CD-IPACE) scheme that features decentralized encryption key generation and fine-grained access structures. Specifically, we construct CD-IPACE from inner-product encryption, threshold structure-preserving signature instantiated with a distributed key generation protocol, and non-interactive zero-knowledge proof, which prevents individual sender authorities from sending ciphertexts, and also protects both data and receiver privacy. Then, we design a secure EMR flow system in cloud edge named ESFlow based on CD-IPACE, which employs edge nodes as sanitizers to check encrypted EMRs and discard illegal ones. Finally, we demonstrate the security and practicality of ESFlow via formal security analysis and extensive experiments.
{"title":"Cross-Domain Inner-Product Access Control Encryption for Secure EMR Flow in Cloud Edge","authors":"Caiqun Shi;Qinlong Huang;Rui Jian;Genghui Chi","doi":"10.1109/TIFS.2024.3482724","DOIUrl":"10.1109/TIFS.2024.3482724","url":null,"abstract":"The quality of medical services is improved by sharing electronic medical records (EMRs) across multiple medical institutions via cloud edge. However, EMRs contain private information about patients, and cloud servers are untrustworthy, thus they cannot be shared arbitrarily among senders and receivers. Access control encryption (ACE) is a preferred technique that produces encrypted EMRs and then restricts the capabilities of both senders and receivers to enforce the EMR flow via sanitizers. However, existing cross-domain ACE schemes employ a single sender authority to issue encryption keys for senders, which suffers from single point of failure and encryption key escrow that the sender authority can public EMRs arbitrarily. Moreover, they only support coarse-grained access structures such as AND gates, which is not suitable for flexible EMR sharing among medical institutions. To this end, we propose a cross-domain inner-product ACE (CD-IPACE) scheme that features decentralized encryption key generation and fine-grained access structures. Specifically, we construct CD-IPACE from inner-product encryption, threshold structure-preserving signature instantiated with a distributed key generation protocol, and non-interactive zero-knowledge proof, which prevents individual sender authorities from sending ciphertexts, and also protects both data and receiver privacy. Then, we design a secure EMR flow system in cloud edge named ESFlow based on CD-IPACE, which employs edge nodes as sanitizers to check encrypted EMRs and discard illegal ones. Finally, we demonstrate the security and practicality of ESFlow via formal security analysis and extensive experiments.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"19 ","pages":"9866-9880"},"PeriodicalIF":6.3,"publicationDate":"2024-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142448470","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-10-17DOI: 10.1109/TIFS.2024.3482716
Fei Chen;Haohui Zhang;Tao Xiang;Joseph K. Liu
How to enable fairness for e-commerce applications has attracted years of research. Recent research has proposed employing blockchain smart contract as an efficient trusted third party (TTP) to enable fair data trading. However, the state-of-the-art schemes suffer from two issues, i.e., they either fail to work for situations where data validity cannot be encoded as an oracle function in the smart contract, or leak data to attackers for free. To resolve these issues, this paper proposes a two-stage approach for blockchain-based fair data trading. The main idea is to employ a lightweight off-chain TTP and an on-chain smart contract to handle dispute issues. Both the TTP and smart contract only require a logarithmic complexity for making arbitration in case of disputes; moreover, they are not invoked when there is no dispute. The rationale is that although the off-chain TTP cannot be eliminated, it is only needed in a minimal sense to judge the validity of the traded data. The proposed approach designs a new cryptographic protocol that combines sampling, commitment schemes, and encryption schemes to achieve this logarithmic efficiency. The proposed approach also features privacy protection. Experimental evaluation of the public Ethereum blockchain confirms that the proposed approach is practically usable. Specifically, for a dataset of 15GB, the off-chain computation for each trading party costs approximately 80 seconds while on-chain computation costs around 30 seconds; the additional storage cost is around 9MB; the gas cost is approximately 2.23 million GWei.
{"title":"A Two-Stage Approach for Fair Data Trading Based on Blockchain","authors":"Fei Chen;Haohui Zhang;Tao Xiang;Joseph K. Liu","doi":"10.1109/TIFS.2024.3482716","DOIUrl":"10.1109/TIFS.2024.3482716","url":null,"abstract":"How to enable fairness for e-commerce applications has attracted years of research. Recent research has proposed employing blockchain smart contract as an efficient trusted third party (TTP) to enable fair data trading. However, the state-of-the-art schemes suffer from two issues, i.e., they either fail to work for situations where data validity cannot be encoded as an oracle function in the smart contract, or leak data to attackers for free. To resolve these issues, this paper proposes a two-stage approach for blockchain-based fair data trading. The main idea is to employ a lightweight off-chain TTP and an on-chain smart contract to handle dispute issues. Both the TTP and smart contract only require a logarithmic complexity for making arbitration in case of disputes; moreover, they are not invoked when there is no dispute. The rationale is that although the off-chain TTP cannot be eliminated, it is only needed in a minimal sense to judge the validity of the traded data. The proposed approach designs a new cryptographic protocol that combines sampling, commitment schemes, and encryption schemes to achieve this logarithmic efficiency. The proposed approach also features privacy protection. Experimental evaluation of the public Ethereum blockchain confirms that the proposed approach is practically usable. Specifically, for a dataset of 15GB, the off-chain computation for each trading party costs approximately 80 seconds while on-chain computation costs around 30 seconds; the additional storage cost is around 9MB; the gas cost is approximately 2.23 million GWei.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"19 ","pages":"9835-9849"},"PeriodicalIF":6.3,"publicationDate":"2024-10-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142448465","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Specific emitter identification (SEI) plays a crucial role in the security of the Industrial Internet of Things (IIoT). In recent years, research on applying deep learning (DL) methods for signal identification has mushroomed. However, DL-based SEI methods rely on a huge amount of training data and powerful computing devices, limiting their application scenarios. In addition, DL models are considered black box models with poor interpretability. To solve the above problems, this paper proposes a novel few-shot SEI solution using knowledge graph-driven incremental broad learning (KG-IBL). Specifically, this paper uses a deep belief network (DBN) to dig deep into features and expand the broad structure with additional enhancement nodes. Furthermore, the proposed KG-IBL does not need to retrain all data to achieve dynamic incremental update learning. To our knowledge, this is the first endeavor to integrate KG with broad learning for addressing the few-shot SEI problem. The experimental results demonstrate that the proposed KG-IBL surpasses existing incremental methods in both identification performance and computational overhead. Last but not least, the accuracy of the proposed KG-IBL is 97.5%, which is only 1.67% lower than the theoretical upper limit, and the training time is nearly 267 times lower than that of deep learning models. The code and dataset are available for download at �https://github.com/Lollipophua/KG-IBL�.
特定发射器识别(SEI)对工业物联网(IIoT)的安全起着至关重要的作用。近年来,将深度学习(DL)方法应用于信号识别的研究如雨后春笋般涌现。然而,基于 DL 的 SEI 方法依赖于大量的训练数据和强大的计算设备,限制了其应用场景。此外,DL 模型被认为是黑盒模型,可解释性较差。为解决上述问题,本文利用知识图谱驱动的增量广泛学习(KG-IBL)提出了一种新颖的少量 SEI 解决方案。具体来说,本文使用深度信念网络(DBN)深入挖掘特征,并通过额外的增强节点扩展广义结构。此外,所提出的 KG-IBL 不需要重新训练所有数据,就能实现动态增量更新学习。据我们所知,这是首次尝试将 KG 与广义学习相结合,以解决少量 SEI 问题。实验结果表明,所提出的 KG-IBL 在识别性能和计算开销方面都超过了现有的增量方法。最后但并非最不重要的是,所提出的 KG-IBL 的准确率为 97.5%,仅比理论上限低 1.67%,训练时间比深度学习模型低近 267 倍。代码和数据集可在 https://github.com/Lollipophua/KG-IBL 下载。
{"title":"KG-IBL: Knowledge Graph Driven Incremental Broad Learning for Few-Shot Specific Emitter Identification","authors":"Minyu Hua;Yibin Zhang;Qianyun Zhang;Huaiyu Tang;Lantu Guo;Yun Lin;Hikmet Sari;Guan Gui","doi":"10.1109/TIFS.2024.3481902","DOIUrl":"10.1109/TIFS.2024.3481902","url":null,"abstract":"Specific emitter identification (SEI) plays a crucial role in the security of the Industrial Internet of Things (IIoT). In recent years, research on applying deep learning (DL) methods for signal identification has mushroomed. However, DL-based SEI methods rely on a huge amount of training data and powerful computing devices, limiting their application scenarios. In addition, DL models are considered black box models with poor interpretability. To solve the above problems, this paper proposes a novel few-shot SEI solution using knowledge graph-driven incremental broad learning (KG-IBL). Specifically, this paper uses a deep belief network (DBN) to dig deep into features and expand the broad structure with additional enhancement nodes. Furthermore, the proposed KG-IBL does not need to retrain all data to achieve dynamic incremental update learning. To our knowledge, this is the first endeavor to integrate KG with broad learning for addressing the few-shot SEI problem. The experimental results demonstrate that the proposed KG-IBL surpasses existing incremental methods in both identification performance and computational overhead. Last but not least, the accuracy of the proposed KG-IBL is 97.5%, which is only 1.67% lower than the theoretical upper limit, and the training time is nearly 267 times lower than that of deep learning models. The code and dataset are available for download at \u0000<uri>https://github.com/Lollipophua/KG-IBL</uri>\u0000.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"19 ","pages":"10016-10028"},"PeriodicalIF":6.3,"publicationDate":"2024-10-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142443988","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-10-14DOI: 10.1109/TIFS.2024.3480365
Xiaopeng Ji;Ruizhi Zhu;Qiaosheng Zhang;Chunguo Li;Daming Cao
This work proposes an On-Off Keying (OOK) coding scheme for covert communication over complex Gaussian channels. In particular, a transmitter Alice employs phase deflection to covertly transmit information to a receiver Bob, simultaneously ensuring that the communication intent is concealed from a warden Willie. The utilization of phase deflection allows Alice to improve the transmission rate by leveraging Willie’s uncertainty about the received phase, without changing the codebook construction. Considering the asymmetry of the OOK codebook’s input distribution and shape constellation, we first analyze the relationship between the input distribution and the signal amplitude, and then propose a scheme that can achieve covert transmission with the input distribution of the “on” symbol �$a_{n}=mathcal {O}left ({{frac {1}{sqrt {n}}}}right)$ � and an average transmission power �$beta ^{2}=mathcal {O}({1})$ �. We quantify the improvement brought from the phase resource as phase deflection gain and derive its closed-form expression by approximating the Kullback-Leibler (KL) divergence and mutual information through Taylor expansion. Numerical results show that our scheme achieves significant phase deflection gain, and the maximum gain can be achieved by fully utilizing the phase resources through three stages.
这项研究提出了一种在复杂高斯信道上进行隐蔽通信的开-关键控(OOK)编码方案。具体而言,发射器 Alice 利用相位偏转向接收器 Bob 秘密传输信息,同时确保对典狱长 Willie 隐瞒通信意图。利用相位偏转,爱丽丝可以利用威利对接收到的相位的不确定性来提高传输速率,而无需改变编码本的构造。考虑到OOK码本的输入分布和形状星座的不对称性,我们首先分析了输入分布和信号幅度之间的关系,然后提出了一种方案,该方案可以在 "开 "符号的输入分布 $a_{n}=mathcal {O}left ({{frac {1}{sqrt {n}}}}right)$ 和平均传输功率 $beta ^{2}=mathcal {O}({1})$ 的情况下实现隐蔽传输。我们将相位资源带来的改进量化为相位偏转增益,并通过泰勒展开逼近库尔巴克-莱布勒(KL)发散和互信息,推导出其闭式表达式。数值结果表明,我们的方案实现了显著的相位偏转增益,通过三个阶段充分利用相位资源可以实现最大增益。
{"title":"Enhancing Covert Communication in OOK Schemes by Phase Deflection","authors":"Xiaopeng Ji;Ruizhi Zhu;Qiaosheng Zhang;Chunguo Li;Daming Cao","doi":"10.1109/TIFS.2024.3480365","DOIUrl":"10.1109/TIFS.2024.3480365","url":null,"abstract":"This work proposes an On-Off Keying (OOK) coding scheme for covert communication over complex Gaussian channels. In particular, a transmitter Alice employs phase deflection to covertly transmit information to a receiver Bob, simultaneously ensuring that the communication intent is concealed from a warden Willie. The utilization of phase deflection allows Alice to improve the transmission rate by leveraging Willie’s uncertainty about the received phase, without changing the codebook construction. Considering the asymmetry of the OOK codebook’s input distribution and shape constellation, we first analyze the relationship between the input distribution and the signal amplitude, and then propose a scheme that can achieve covert transmission with the input distribution of the “on” symbol \u0000<inline-formula> <tex-math>$a_{n}=mathcal {O}left ({{frac {1}{sqrt {n}}}}right)$ </tex-math></inline-formula>\u0000 and an average transmission power \u0000<inline-formula> <tex-math>$beta ^{2}=mathcal {O}({1})$ </tex-math></inline-formula>\u0000. We quantify the improvement brought from the phase resource as phase deflection gain and derive its closed-form expression by approximating the Kullback-Leibler (KL) divergence and mutual information through Taylor expansion. Numerical results show that our scheme achieves significant phase deflection gain, and the maximum gain can be achieved by fully utilizing the phase resources through three stages.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"19 ","pages":"9775-9788"},"PeriodicalIF":6.3,"publicationDate":"2024-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142439881","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2024-10-14DOI: 10.1109/TIFS.2024.3480363
Jiajia Li;Qian Yi;Ming K. Lim;Shuping Yi;Pengxing Zhu;Xingjun Huang
Continuous authentication based on behavioral biometrics is effective and crucial as user behaviors are not easily copied. However, relying solely on one behavioral biometric limits the accuracy of continuous authentication. Therefore, a continuous authentication system based on multimodal behavioral biometrics fusion is proposed in this study, which fuses three modalities: contextual behavior, mouse behavior, and information interaction behavior. The multimodal dataset of user behavior is collected through a self-built website, and the behavioral feature sets for each modality are then created. An improved generative adversarial network method is used to align the datasets of the three modalities. The autoencoder with long short-term memory is employed for unsupervised anomaly detection of time-series behaviors and enables continuous authentication for each modality. The multimodal fusion is achieved using the meta-model of the stacked generalization method, and the final decision for continuous authentication is then determined. The experimental results demonstrate that the proposed multimodal fusion method significantly outperforms the unimodal and provides an effective way to improve the accuracy and user-friendliness of continuous authentication. This study offers insights into user behavior analysis, behavioral anomaly detection, and multimodal behavior fusion.
{"title":"MBBFAuth: Multimodal Behavioral Biometrics Fusion for Continuous Authentication on Non-Portable Devices","authors":"Jiajia Li;Qian Yi;Ming K. Lim;Shuping Yi;Pengxing Zhu;Xingjun Huang","doi":"10.1109/TIFS.2024.3480363","DOIUrl":"10.1109/TIFS.2024.3480363","url":null,"abstract":"Continuous authentication based on behavioral biometrics is effective and crucial as user behaviors are not easily copied. However, relying solely on one behavioral biometric limits the accuracy of continuous authentication. Therefore, a continuous authentication system based on multimodal behavioral biometrics fusion is proposed in this study, which fuses three modalities: contextual behavior, mouse behavior, and information interaction behavior. The multimodal dataset of user behavior is collected through a self-built website, and the behavioral feature sets for each modality are then created. An improved generative adversarial network method is used to align the datasets of the three modalities. The autoencoder with long short-term memory is employed for unsupervised anomaly detection of time-series behaviors and enables continuous authentication for each modality. The multimodal fusion is achieved using the meta-model of the stacked generalization method, and the final decision for continuous authentication is then determined. The experimental results demonstrate that the proposed multimodal fusion method significantly outperforms the unimodal and provides an effective way to improve the accuracy and user-friendliness of continuous authentication. This study offers insights into user behavior analysis, behavioral anomaly detection, and multimodal behavior fusion.","PeriodicalId":13492,"journal":{"name":"IEEE Transactions on Information Forensics and Security","volume":"19 ","pages":"10000-10015"},"PeriodicalIF":6.3,"publicationDate":"2024-10-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142439886","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: