Jiaxi Chen, Hong Zou, Jiangxing Wu, Fan Zhang, Yuting Shang, Xinsheng JI
To address the serious imbalance between the supply and demand of cybersecurity workforce, this paper proposes to embrace the latest trend of a fundamental shift in the "underlying dynamics of the digital ecosystem", focusing on a shared liability for cybersecurity between the application side and the manufacturing side. Assuming that product providers shall take more responsibility by implementing secure defaults, this paper explores the establishment of an S&S talent cultivation system to strike the right balance of cybersecurity liabilities by nurturing more responsible developers. This paper proposes a Knowledge, Skill, and Awareness(KSA) model for Security and Safety (S&S) talent cultivation, and proves the feasibility of this model by analyzing the theoretical, disciplinary, methodological, practical, and societal foundations of S&S talent cultivation. Additionally, this paper also proposes principles and strategies for building a S&S talent cultivation system based on its unique characteristics and patterns. It gives a talent cultivation scheme, supported by "Independent Knowledge System, Education and Cultivation System, Practice and Training system, Evaluation and Certification system, and Awareness Popularization System". Finally, this paper puts forward a proposal for coordinating efforts and adopting multiple measures to accelerate the cultivation of S&S talents.
{"title":"On Cultivation of Cybersecurity and Safety talents and Responsible Developers","authors":"Jiaxi Chen, Hong Zou, Jiangxing Wu, Fan Zhang, Yuting Shang, Xinsheng JI","doi":"10.1051/sands/2024010","DOIUrl":"https://doi.org/10.1051/sands/2024010","url":null,"abstract":"To address the serious imbalance between the supply and demand of cybersecurity workforce, this paper proposes to embrace the latest trend of a fundamental shift in the \"underlying dynamics of the digital ecosystem\", focusing on a shared liability for cybersecurity between the application side and the manufacturing side. Assuming that product providers shall take more responsibility by implementing secure defaults, this paper explores the establishment of an S&S talent cultivation system to strike the right balance of cybersecurity liabilities by nurturing more responsible developers. This paper proposes a Knowledge, Skill, and Awareness(KSA) model for Security and Safety (S&S) talent cultivation, and proves the feasibility of this model by analyzing the theoretical, disciplinary, methodological, practical, and societal foundations of S&S talent cultivation. Additionally, this paper also proposes principles and strategies for building a S&S talent cultivation system based on its unique characteristics and patterns. It gives a talent cultivation scheme, supported by \"Independent Knowledge System, Education and Cultivation System, Practice and Training system, Evaluation and Certification system, and Awareness Popularization System\". Finally, this paper puts forward a proposal for coordinating efforts and adopting multiple measures to accelerate the cultivation of S&S talents.","PeriodicalId":513337,"journal":{"name":"Security and Safety","volume":"117 38","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-07-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141822172","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The inherent characteristics of big data lies in its voluminous scale, varied data formats, and swift processing velocity. The intrinsic characteristics of big data undermine the efficacy of conventional data security techniques and data management standards, consequently compromising the security of big data. As a consequence, big data possesses susceptibilities to security incidents, including unauthorized data access, data manipulation, and data compromise throughout the transmission, storage, and processing stages. Conventional information system security risk assessment methodologies are constrained by human resources and computational techniques, rendering them unsuitable for direct application to big data platforms. Consequently, there is an urgent necessity to develop a risk assessment framework tailored specifically for big data environments, capable of quantifying potential risks and losses. In response to this need, we have devised an automated risk assessment theory that assimilates the unique characteristics of big data with traditional quantitative methods, introducing a risk metric system suited to the big data context. Utilizing the risk-related data generated during operations on the big data platform, we train a decision tree model to derive the weights for each risk indicator. These weights are then employed to conduct a weighted summation of the operational risk indicators, thereby achieving a quantitative evaluation of the platform's risk profile. To substantiate the proposed framework, experiments were conducted on a simulated big data platform. The experimental outcomes demonstrate that, compared to existing quantitative risk assessment methodologies, our approach enables an automatic, objective, and efficient assessment and quantification of the risks associated with tangible assets and data processing operations within the big data platform.
{"title":"RiskTree: Decision Trees for Asset and Process Risk Assessment Quantification in Big Data Platforms","authors":"Zhenyang Guo, Haomou Zhan, Jiawei Yang, Jin Cao, Wei You, X. Zhao, Hui Li, Dong Zhang","doi":"10.1051/sands/2024009","DOIUrl":"https://doi.org/10.1051/sands/2024009","url":null,"abstract":"The inherent characteristics of big data lies in its voluminous scale, varied data formats, and swift processing velocity. The intrinsic characteristics of big data undermine the efficacy of conventional data security techniques and data management standards, consequently compromising the security of big data. As a consequence, big data possesses susceptibilities to security incidents, including unauthorized data access, data manipulation, and data compromise throughout the transmission, storage, and processing stages. Conventional information system security risk assessment methodologies are constrained by human resources and computational techniques, rendering them unsuitable for direct application to big data platforms. Consequently, there is an urgent necessity to develop a risk assessment framework tailored specifically for big data environments, capable of quantifying potential risks and losses. In response to this need, we have devised an automated risk assessment theory that assimilates the unique characteristics of big data with traditional quantitative methods, introducing a risk metric system suited to the big data context. Utilizing the risk-related data generated during operations on the big data platform, we train a decision tree model to derive the weights for each risk indicator. These weights are then employed to conduct a weighted summation of the operational risk indicators, thereby achieving a quantitative evaluation of the platform's risk profile. To substantiate the proposed framework, experiments were conducted on a simulated big data platform. The experimental outcomes demonstrate that, compared to existing quantitative risk assessment methodologies, our approach enables an automatic, objective, and efficient assessment and quantification of the risks associated with tangible assets and data processing operations within the big data platform.","PeriodicalId":513337,"journal":{"name":"Security and Safety","volume":"186 4","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-07-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141681648","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Zhixin Li, Yicun Liu, Jiale Li, Guangnan Ye, Hongfeng Chai, Zhihui Lu, Jie Wu
Federated Learning (FL) heralds a paradigm shift in the training of artificial intelligence (AI) models by fostering collaborative model training while safeguarding client data privacy. In sectors where data sensitivity and AI model security are of paramount importance, such as fintech and biomedicine, maintaining the utility of models without compromising privacy is crucial with the growing application of artificial intelligence technologies. Therefore, the adoption of FL is attracting significant attention. However, traditional Federated Learning methods are vulnerable to Deep Leakage from Gradients (DLG) attacks, and typical defensive strategies often result in excessive computational costs or substantial decreases in model accuracy. To navigate these challenges, this research introduces VAEFL, an innovative FL framework that incorporates Variational Autoencoders (VAEs) to bolster privacy protection without undermining the predictive prowess of the models. VAEFL strategically partitions the model into a private encoder and a public decoder. The private encoder, remaining local, transmutes sensitive data into a latent space fortified for privacy, while the public decoder and classifier, through collaborative training across clients, learn to derive precise predictions from the encoded data. This bifurcation ensures that sensitive data attributes are not disclosed, circumventing gradient leakage attacks and simultaneously allowing the global model to benefit from the diverse knowledge of client datasets. Comprehensive experiments demonstrate that VAEFL not only surpasses standard FL benchmarks in privacy preservation but also maintains competitive performance in predictive tasks. VAEFL thus establishes a novel equilibrium between data privacy and model utility, offering a secure and efficient federated learning approach for the sensitive application of FL in the financial domain.
{"title":"VAEFL: Integrating Variational Autoencoders for Privacy Preservation and Performance Retention in Federated Learning","authors":"Zhixin Li, Yicun Liu, Jiale Li, Guangnan Ye, Hongfeng Chai, Zhihui Lu, Jie Wu","doi":"10.1051/sands/2024005","DOIUrl":"https://doi.org/10.1051/sands/2024005","url":null,"abstract":"Federated Learning (FL) heralds a paradigm shift in the training of artificial intelligence (AI) models by fostering collaborative model training while safeguarding client data privacy. In sectors where data sensitivity and AI model security are of paramount importance, such as fintech and biomedicine, maintaining the utility of models without compromising privacy is crucial with the growing application of artificial intelligence technologies. Therefore, the adoption of FL is attracting significant attention. However, traditional Federated Learning methods are vulnerable to Deep Leakage from Gradients (DLG) attacks, and typical defensive strategies often result in excessive computational costs or substantial decreases in model accuracy. To navigate these challenges, this research introduces VAEFL, an innovative FL framework that incorporates Variational Autoencoders (VAEs) to bolster privacy protection without undermining the predictive prowess of the models. VAEFL strategically partitions the model into a private encoder and a public decoder. The private encoder, remaining local, transmutes sensitive data into a latent space fortified for privacy, while the public decoder and classifier, through collaborative training across clients, learn to derive precise predictions from the encoded data. This bifurcation ensures that sensitive data attributes are not disclosed, circumventing gradient leakage attacks and simultaneously allowing the global model to benefit from the diverse knowledge of client datasets. Comprehensive experiments demonstrate that VAEFL not only surpasses standard FL benchmarks in privacy preservation but also maintains competitive performance in predictive tasks. VAEFL thus establishes a novel equilibrium between data privacy and model utility, offering a secure and efficient federated learning approach for the sensitive application of FL in the financial domain.","PeriodicalId":513337,"journal":{"name":"Security and Safety","volume":"10 4","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-04-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140658619","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Efficient and trusted regulation of unmanned aerial vehicles (UAVs) is an essential but challenging issue in the future era of Internet of Low-altitude Intelligence, due to the difficulties in UAVs' identity recognition and location matching, potential for falsified information reporting, etc. To address this challenging issue, in this paper, we propose a blockchain-based UAV location authentication scheme, which employs a distance bounding protocol to establish a location proof, ensuring the authenticity of UAV positions. To preserve the privacy of UAVs, anonymous certificates and zero-knowledge proof are used. The security of the proposed scheme is analyzed. Experiments demonstrate the efficiency and feasibility of the proposed scheme.
{"title":"Privacy-Preserving Location Authentication for Low-altitude UAVs: A Blockchain-based Approach","authors":"Hengchang Pan, Yuanshuo Wang, Wei Wang, Ping Cao, Fangwei Ye, Qihui Wu","doi":"10.1051/sands/2024004","DOIUrl":"https://doi.org/10.1051/sands/2024004","url":null,"abstract":"Efficient and trusted regulation of unmanned aerial vehicles (UAVs) is an essential but challenging issue in the future era of Internet of Low-altitude Intelligence, due to the difficulties in UAVs' identity recognition and location matching, potential for falsified information reporting, etc. To address this challenging issue, in this paper, we propose a blockchain-based UAV location authentication scheme, which employs a distance bounding protocol to establish a location proof, ensuring the authenticity of UAV positions. To preserve the privacy of UAVs, anonymous certificates and zero-knowledge proof are used. The security of the proposed scheme is analyzed. Experiments demonstrate the efficiency and feasibility of the proposed scheme.","PeriodicalId":513337,"journal":{"name":"Security and Safety","volume":"56 4","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-03-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140231075","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Huilin Yin, Wenwen Chen, Jun Yan, Weiquan Huang, Wancheng Ge, Huaping Liu
Deep learning based on labeled data has brought massive success in computer vision, speech recognition, and natural language processing. Nevertheless, labeled data is just a drop in the ocean compared with unlabeled data. How can people utilize the unlabeled data effectively? Research has focused on unsupervised and semi-supervised learning to solve such a problem. Some theoretical and empirical studies have proved that unlabeled data can help boost the generalization ability and robustness under adversarial attacks.�However, current theoretical research on the relationship between robustness and unlabeled data limits its scope to toy datasets. Meanwhile, the visual models in autonomous driving need a significant improvement in robustness to guarantee security and safety. This paper proposes a semi-supervised learning framework for object detection in autonomous vehicles, improving the robustness with unlabeled data. Firstly, we build a baseline with the transfer learning of an unsupervised contrastive learning method—Momentum Contrast�(MoCo). Secondly, we propose a semi-supervised co-training method to label the unlabeled data for retraining, which improves generalization on the autonomous driving dataset. Thirdly, we apply the unsupervised Bounding Box data augmentation (BBAug) method based on a search algorithm, which uses reinforcement learning to improve the robustness of object detection for autonomous driving. We present an empirical study on the KITTI dataset with diverse adversarial attack methods. Our proposed method realizes�the state-of-the-art generalization and robustness under white-box attacks (DPatch and Contextual Patch) and black-box attacks (Gaussian noise, Rain, Fog, and so on). Our proposed method and empirical study show that using more unlabeled data benefits the robustness of perception systems in all-weather autonomous driving. Code is available at: https://github.com/CHENWenwen19/co-training_for_autonomous-driving.
{"title":"Robust Object Detection for Autonomous Driving Based on Semi-supervised Learning","authors":"Huilin Yin, Wenwen Chen, Jun Yan, Weiquan Huang, Wancheng Ge, Huaping Liu","doi":"10.1051/sands/2024002","DOIUrl":"https://doi.org/10.1051/sands/2024002","url":null,"abstract":"Deep learning based on labeled data has brought massive success in computer vision, speech recognition, and natural language processing. Nevertheless, labeled data is just a drop in the ocean compared with unlabeled data. How can people utilize the unlabeled data effectively? Research has focused on unsupervised and semi-supervised learning to solve such a problem. Some theoretical and empirical studies have proved that unlabeled data can help boost the generalization ability and robustness under adversarial attacks.\u0000However, current theoretical research on the relationship between robustness and unlabeled data limits its scope to toy datasets. Meanwhile, the visual models in autonomous driving need a significant improvement in robustness to guarantee security and safety. This paper proposes a semi-supervised learning framework for object detection in autonomous vehicles, improving the robustness with unlabeled data. Firstly, we build a baseline with the transfer learning of an unsupervised contrastive learning method—Momentum Contrast\u0000(MoCo). Secondly, we propose a semi-supervised co-training method to label the unlabeled data for retraining, which improves generalization on the autonomous driving dataset. Thirdly, we apply the unsupervised Bounding Box data augmentation (BBAug) method based on a search algorithm, which uses reinforcement learning to improve the robustness of object detection for autonomous driving. We present an empirical study on the KITTI dataset with diverse adversarial attack methods. Our proposed method realizes\u0000the state-of-the-art generalization and robustness under white-box attacks (DPatch and Contextual Patch) and black-box attacks (Gaussian noise, Rain, Fog, and so on). Our proposed method and empirical study show that using more unlabeled data benefits the robustness of perception systems in all-weather autonomous driving. Code is available at: https://github.com/CHENWenwen19/co-training_for_autonomous-driving.","PeriodicalId":513337,"journal":{"name":"Security and Safety","volume":"30 5","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-02-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139864975","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Huilin Yin, Wenwen Chen, Jun Yan, Weiquan Huang, Wancheng Ge, Huaping Liu
Deep learning based on labeled data has brought massive success in computer vision, speech recognition, and natural language processing. Nevertheless, labeled data is just a drop in the ocean compared with unlabeled data. How can people utilize the unlabeled data effectively? Research has focused on unsupervised and semi-supervised learning to solve such a problem. Some theoretical and empirical studies have proved that unlabeled data can help boost the generalization ability and robustness under adversarial attacks.�However, current theoretical research on the relationship between robustness and unlabeled data limits its scope to toy datasets. Meanwhile, the visual models in autonomous driving need a significant improvement in robustness to guarantee security and safety. This paper proposes a semi-supervised learning framework for object detection in autonomous vehicles, improving the robustness with unlabeled data. Firstly, we build a baseline with the transfer learning of an unsupervised contrastive learning method—Momentum Contrast�(MoCo). Secondly, we propose a semi-supervised co-training method to label the unlabeled data for retraining, which improves generalization on the autonomous driving dataset. Thirdly, we apply the unsupervised Bounding Box data augmentation (BBAug) method based on a search algorithm, which uses reinforcement learning to improve the robustness of object detection for autonomous driving. We present an empirical study on the KITTI dataset with diverse adversarial attack methods. Our proposed method realizes�the state-of-the-art generalization and robustness under white-box attacks (DPatch and Contextual Patch) and black-box attacks (Gaussian noise, Rain, Fog, and so on). Our proposed method and empirical study show that using more unlabeled data benefits the robustness of perception systems in all-weather autonomous driving. Code is available at: https://github.com/CHENWenwen19/co-training_for_autonomous-driving.
{"title":"Robust Object Detection for Autonomous Driving Based on Semi-supervised Learning","authors":"Huilin Yin, Wenwen Chen, Jun Yan, Weiquan Huang, Wancheng Ge, Huaping Liu","doi":"10.1051/sands/2024002","DOIUrl":"https://doi.org/10.1051/sands/2024002","url":null,"abstract":"Deep learning based on labeled data has brought massive success in computer vision, speech recognition, and natural language processing. Nevertheless, labeled data is just a drop in the ocean compared with unlabeled data. How can people utilize the unlabeled data effectively? Research has focused on unsupervised and semi-supervised learning to solve such a problem. Some theoretical and empirical studies have proved that unlabeled data can help boost the generalization ability and robustness under adversarial attacks.\u0000However, current theoretical research on the relationship between robustness and unlabeled data limits its scope to toy datasets. Meanwhile, the visual models in autonomous driving need a significant improvement in robustness to guarantee security and safety. This paper proposes a semi-supervised learning framework for object detection in autonomous vehicles, improving the robustness with unlabeled data. Firstly, we build a baseline with the transfer learning of an unsupervised contrastive learning method—Momentum Contrast\u0000(MoCo). Secondly, we propose a semi-supervised co-training method to label the unlabeled data for retraining, which improves generalization on the autonomous driving dataset. Thirdly, we apply the unsupervised Bounding Box data augmentation (BBAug) method based on a search algorithm, which uses reinforcement learning to improve the robustness of object detection for autonomous driving. We present an empirical study on the KITTI dataset with diverse adversarial attack methods. Our proposed method realizes\u0000the state-of-the-art generalization and robustness under white-box attacks (DPatch and Contextual Patch) and black-box attacks (Gaussian noise, Rain, Fog, and so on). Our proposed method and empirical study show that using more unlabeled data benefits the robustness of perception systems in all-weather autonomous driving. Code is available at: https://github.com/CHENWenwen19/co-training_for_autonomous-driving.","PeriodicalId":513337,"journal":{"name":"Security and Safety","volume":"22 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2024-02-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139805107","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: