2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom): Latest Publications
A blockchain-based pattern for confidential and pseudo-anonymous contract enforcement
Nicolas Six, Claudia Negri Ribalta, Nicolas Herbaut, C. Salinesi
Blockchain has been praised for its capacity to hold data in a decentralized and tamper-proof way. It also supports the execution of code through blockchain's smart contracts, adding automation of actions to the network with high trustability. However, as smart contracts are visible by anybody on the network, the business data and logic may be at risk, thus companies could be reluctant to use such technology. This paper aims to propose a pattern that allows the execution of automatable legal contract clauses, where its execution states are stored in an on-chain smart-contract and the logic needed to enforce it wraps it off-chain. An engine completes this pattern by running a business process that corresponds to the legal contract. We then propose a pattern-based solution based on a real-life use case: transportation of refrigerated goods. We argue that this pattern guarantees companies pseudonymity and data confidentiality while ensuring that an audit trail can be reconstituted through the blockchain smart-contract to identify misbehavior or errors. This paper paves the way for a future possible implementation of the solution described, as well as its evaluation.
DOI: https://doi.org/10.1109/TrustCom50675.2020.00268. Published 2020-12-01.
Citations: 3
Android Malware Classification Using Machine Learning and Bio-Inspired Optimisation Algorithms
Jack Pye, B. Issac, N. Aslam, Husnain Rafiq
In recent years the number and sophistication of Android malware have increased dramatically. A prototype framework which uses static analysis methods for classification is proposed which employs two feature sets to classify Android malware: permissions declared in the AndroidManifest.xml and Android classes used from the classes.dex file. The extracted features were then used to train a variety of machine learning algorithms including Random Forest, SGD, SVM and Neural networks. Each machine learning algorithm was subsequently optimised using optimisation algorithms, including the use of bio-inspired optimisation algorithms such as Particle Swarm Optimisation, Artificial Bee Colony optimisation (ABC), Firefly optimisation and Genetic algorithm. The prototype framework was tested and evaluated using three datasets. It achieved a good accuracy of 95.7 percent by using SVM and ABC optimisation for the CICAndMal2019 dataset, 94.9 percent accuracy (with F1-score of 96.7 percent) using Neural network for the KuafuDet dataset and 99.6 percent accuracy using an SGD classifier for the Andro-Dump dataset. The accuracy could be further improved through better feature selection.
DOI: https://doi.org/10.1109/TrustCom50675.2020.00244. Published 2020-12-01.
Citations: 2
SCScan: A SVM-based Scanning System for Vulnerabilities in Blockchain Smart Contracts
Xiaohan Hao, Wei Ren, Wenwen Zheng, Tianqing Zhu
The application of blockchain has moved beyond cryptocurrencies, to applications such as credentialing and smart contracts. The smart contract allows one to achieve fair exchange for values without relying on a centralized entity. However, as the smart contract can be automatically executed with token transfers, an attacker can seek to exploit vulnerabilities in smart contracts for illicit profits. Thus, this paper proposes a support vector machine (SVM)-based scanning system for vulnerabilities on smart contracts. Our evaluation on Ethereum demonstrates that we achieve an identification rate of over 90% based on several popular attacks.
DOI: https://doi.org/10.1109/TrustCom50675.2020.00221. Published 2020-12-01.
Citations: 4
A Practical Privacy-Preserving Algorithm for Document Data
Tomoaki Mimoto, S. Kiyomoto, K. Kitamura, A. Miyaji
A huge number of documents such as news articles, public reports, and personal essays have been released on websites and social media. Once documents including privacy-sensitive information are published, the risk of privacy breaches increases; thus, documents should be carefully checked before publication. In many cases, human experts redact or sanitize documents before publishing; however, this approach is sometimes inefficient with regard to its cost and accuracy. Furthermore, critical privacy risks may remain in the documents. In this paper, we present a generalized adversary model and apply it to document data. This paper devises an attack algorithm for documents, which uses a web search engine, and proposes a privacy-preserving algorithm against the attacks. We evaluate the privacy risks for real accident reports from schools and court documents. As experiments using the real reports, we show that human-sanitized documents still include privacy risks, and our proposal would contribute to risk reduction.
DOI: https://doi.org/10.1109/TrustCom50675.2020.00185. Published 2020-12-01.
Citations: 1
An Approach for Poisoning Attacks against RNN-Based Cyber Anomaly Detection
Jinghui Xu, Yu Wen, Chun Yang, Dan Meng
In the face of the increasingly complex Internet environment, the traditional intrusion detection system is difficult to cope with the unknown variety of attacks. People hope to find reliable anomaly detection technology to help improve the security of cyberspace. The rapid development of artificial intelligence technology provides new development opportunities for anomaly detection technology, and the anomaly detection system based on deep learning performs well in some studies. However, neural networks are highly dependent on data quality, and a small number of poisoned samples injected into the data set will have a huge impact on the results. The online abnormal threat detection system based on deep learning is likely to be attacked by poisoning due to the need for continuous data collection and training. We propose a poisoning attack method using adversarial samples to resist the anomaly detection system based on an unsupervised deep neural network, which can destroy the neural network with as few samples as possible. We verified the effectiveness of poisoning attacks on the network security data set of Los Alamos National Laboratory and further demonstrated its generality on other abnormal detection data sets.
DOI: https://doi.org/10.1109/TrustCom50675.2020.00231. Published 2020-12-01.
Citations: 8
Security and Privacy Implementation in Smart Home: Attributes Based Access Control and Smart Contracts
Amjad Qashlan, P. Nanda, Xiangian He
There has been a wide range of applications involving smart home systems for user comfort and accessibility to essential commodities. Users enjoy featured home services supported by the IoT smart devices. These IoT devices are resource-constrained, incapable of securing themselves and can be easily hacked. Edge computing can provide localized computations and storage which can augment such capacity limitations for IoT devices. Furthermore, blockchain has emerged as a technology with capabilities to provide secure access and authentication for IoT devices in a decentralized manner. In this paper, we propose an authentication scheme which integrates attribute based access control using smart contracts with ERC-20 Token (Ethereum Request For Comments) and edge computing to construct a secure framework for IoT devices in a Smart home system. The edge server provides scalability to the system by offloading heavier computation tasks to edge servers. We present system architecture and design and discuss various aspects related to testing and implementation of the smart contracts. We show that our proposed scheme is secure by thoroughly analysing its security goals with respect to confidentiality, integrity and availability. Finally, we conduct a performance evaluation to demonstrate the feasibility and efficiency of the proposed scheme.
DOI: https://doi.org/10.1109/TrustCom50675.2020.00127. Published 2020-12-01.
Citations: 11
On the Comparison of Classifiers' Construction over Private Inputs
M. Alishahi, Nicola Zannone
Classifiers are often trained over data collected from different sources. Sharing their data with other entities, however, can raise privacy concerns for data owners. To protect data confidentiality while being able to train a classifier, effective solutions have been proposed in the literature to construct various types of classifiers over private data. However, to date an analysis and comparison of the computation and communication costs for the construction of classifiers over private data is missing, making it difficult to determine which classifier can be used in a given application domain. In this work, we show how two well-known classifiers (Naive Bayes and SVM classifiers) can be securely built over private inputs, and evaluate their construction costs. We assess the computation and communication costs for training the classifiers both theoretically and empirically for different benchmark datasets.
DOI: https://doi.org/10.1109/TrustCom50675.2020.00096. Published 2020-12-01.
Citations: 2
Password Policies vs. Usability: When Do Users Go “Bananas”?
Roberto Dillon, S. Chawla, Dayana Hristova, Barbara Göbl, Suzana Jovicic
To grant password security, it is still a common practice to request users to comply with a number of rules that need to be met for the resulting password to be valid. Users have no option but to comply with the rules, but is there a specific point where the required rules start being perceived as a nuisance and thus jeopardize security? This paper addresses users' reactions to such a scenario by means of an online survey ($\mathrm{N}=51$) where users are being asked to create a password following an increasing number of restrictions. We thereby follow their evolving responses as each further criterion is added. Our analysis confirms that the increase in rule complexity has detrimental effects on usability and can lead to workarounds potentially compromising password security.
DOI: https://doi.org/10.1109/TrustCom50675.2020.00032. Published 2020-12-01.
Citations: 3
Blockchain based PKI and Certificates Management in Mobile Networks
Junzhi Yan, X. Hang, Bo Yang, Li Su, Shen He
Some issues such as CRL/OCSP (Certificate Revocation List / Online Certificate Status Protocol) unavailable, previsioned trust anchor unavailable, and high communication load arise when PKI (Public Key Infrastructure) is leveraged into mobile networks. A blockchain based PKI framework in mobile network is proposed to solve these issues. The system is constituted by submission nodes, validator nodes, and inquiry nodes. Scenarios and application cases are provided, and it shows the system can be widely used in mobile networks. The blockchain based PKI system is analyzed and compared to traditional solutions. It shows the trustworthiness of SSL (Security Socket Layer) certificates and device certificates is the same as in a traditional PKI system. The storage requirement and certificate capacity of the blockchain based PKI system are analyzed. Since certificates have expiry dates, the optimization method based on the invalid certificates is proposed. The optimization improves the storage efficiency of the blockchain based PKI certificate management system.
DOI: https://doi.org/10.1109/TrustCom50675.2020.00242. Published 2020-12-01.
Citations: 8
Modeling and Verification of Spatio-Temporal Intelligent Transportation Systems
Tengfei Li, Xiaohong Chen, Haiying Sun, Jing Liu, Jiajia Yang, Chenchen Yang, Junfeng Sun
Describing spatio-temporal behaviors of cyber-physical systems attracts more and more attention in the field of intelligent transportation systems and biological systems. The major problem is expressiveness and verifiability for modeling and analysis of spatio-temporal behaviors. In order to verify spatial and spatio-temporal behaviors, in this paper, we propose a methodology to model the evolution of spatial scene snapshots and verify the spatio-temporal models. Firstly, we define a novel Topograph through inducing Bigraph in topological space to characterize cyber-physical systems and verify the model against patterns specified with S4u formulas. Secondly, for spatio-temporal verification, we extend Topograph in dense time, named Temporal Topograph, to describe the evolution of spatial objects, which are verified against spatio-temporal specification language. We evaluate the applicability of the approach on CBTC-based intelligent transportation systems.
DOI: 10.1109/TrustCom50675.2020.00081 (https://doi.org/10.1109/TrustCom50675.2020.00081), published 2020-12-01
Citations: 1