V. K. Yadav, Nitish Andola, S. Verma, S. Venkatesan
Oblivious transfer (OT) protocol is an essential tool in cryptography that provides a wide range of applications such as secure multi-party computation, private information retrieval, private set intersection, contract signing, and privacy-preserving location-based services. The OT protocol has different variants such as one-out-of-2, one-out-of-n, k-out-of-n, and OT extension. In the OT (one-out-of-2, one-out-of-n, and OT extension) protocol, the sender has a set of messages, whereas the receiver has a key. The receiver sends that key to the sender in a secure way; the sender cannot get any information about the received key. The sender encrypts every message by operating on every message using the received key and sends all the encrypted messages to the receiver. The receiver is able to extract only the required message using his key. However, in the k-out-of-n OT protocol, the receiver sends a set of k keys to the sender, and in replay, the sender sends all the encrypted messages. The receiver uses his keys and extracts the required messages, but it cannot gain any information about the messages that it has not requested. Generally, the OT protocol requires high communication and computation cost if we transfer millions of oblivious messages. The OT extension protocol provides a solution for this, where the receiver transfers a set of keys to the sender by executing a few numbers of OT protocols. Then, the sender encrypts all the messages using cheap symmetric key cryptography with the help of a received set of keys and transfers millions of oblivious messages to the receiver. In this work, we present different variants of OT protocols such as one-out-of-2, one-out-of-n, k-out-of-n, and OT extension. Furthermore, we cover various aspects of theoretical security guarantees such as semi-honest and malicious adversaries, universally composable, used techniques, computation, and communication efficiency aspects. From the analysis, we found that the semi-honest adversary-based OT protocols required low communication and computation costs as compared to malicious adversary-based OT protocols.
遗忘传输(OT)协议是密码学中的一个重要工具,它提供了广泛的应用,如安全多方计算、私有信息检索、私有集合交叉、合同签署和基于位置的隐私保护服务。OT协议有不同的变体,如1 of-2、1 of-n、k of-n和OT扩展。在OT(1 / 2、1 / n和OT扩展)协议中,发送方拥有一组消息,而接收方拥有一个密钥。接收方以安全的方式将密钥发送给发送方;发送方无法获得有关所接收密钥的任何信息。发送方使用接收到的密钥对每条消息进行操作,从而对每条消息进行加密,并将所有加密消息发送给接收方。接收方只能使用其密钥提取所需的消息。然而,在k-out- n OT协议中,接收方向发送方发送一组k个密钥,在重播中,发送方发送所有加密消息。接收方使用他的密钥并提取所需的消息,但是它不能获得关于它没有请求的消息的任何信息。通常情况下,如果传输数百万条无关消息,OT协议需要很高的通信和计算成本。OT扩展协议为此提供了一种解决方案,其中接收方通过执行少量OT协议将一组密钥传输给发送方。然后,发送方借助接收到的一组密钥,使用便宜的对称密钥加密所有消息,并将数百万条无关消息传输给接收方。在这项工作中,我们提出了OT协议的不同变体,如1 -out- 2, 1 -out- n, k-out- n和OT扩展。此外,我们还涵盖了理论上安全保证的各个方面,例如半诚实和恶意对手,普遍可组合,使用的技术,计算和通信效率方面。从分析中,我们发现与基于恶意对手的OT协议相比,半诚实的基于对手的OT协议需要较低的通信和计算成本。
{"title":"A Survey of Oblivious Transfer Protocol","authors":"V. K. Yadav, Nitish Andola, S. Verma, S. Venkatesan","doi":"10.1145/3503045","DOIUrl":"https://doi.org/10.1145/3503045","url":null,"abstract":"Oblivious transfer (OT) protocol is an essential tool in cryptography that provides a wide range of applications such as secure multi-party computation, private information retrieval, private set intersection, contract signing, and privacy-preserving location-based services. The OT protocol has different variants such as one-out-of-2, one-out-of-n, k-out-of-n, and OT extension. In the OT (one-out-of-2, one-out-of-n, and OT extension) protocol, the sender has a set of messages, whereas the receiver has a key. The receiver sends that key to the sender in a secure way; the sender cannot get any information about the received key. The sender encrypts every message by operating on every message using the received key and sends all the encrypted messages to the receiver. The receiver is able to extract only the required message using his key. However, in the k-out-of-n OT protocol, the receiver sends a set of k keys to the sender, and in replay, the sender sends all the encrypted messages. The receiver uses his keys and extracts the required messages, but it cannot gain any information about the messages that it has not requested. Generally, the OT protocol requires high communication and computation cost if we transfer millions of oblivious messages. The OT extension protocol provides a solution for this, where the receiver transfers a set of keys to the sender by executing a few numbers of OT protocols. Then, the sender encrypts all the messages using cheap symmetric key cryptography with the help of a received set of keys and transfers millions of oblivious messages to the receiver. In this work, we present different variants of OT protocols such as one-out-of-2, one-out-of-n, k-out-of-n, and OT extension. Furthermore, we cover various aspects of theoretical security guarantees such as semi-honest and malicious adversaries, universally composable, used techniques, computation, and communication efficiency aspects. From the analysis, we found that the semi-honest adversary-based OT protocols required low communication and computation costs as compared to malicious adversary-based OT protocols.","PeriodicalId":7000,"journal":{"name":"ACM Computing Surveys (CSUR)","volume":"149 1","pages":"1 - 37"},"PeriodicalIF":0.0,"publicationDate":"2022-01-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"81497327","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Zijun Li, Linsong Guo, Jiagan Cheng, Quan Chen, Bingsheng He, M. Guo
The development of cloud infrastructures inspires the emergence of cloud-native computing. As the most promising architecture for deploying microservices, serverless computing has recently attracted more and more attention in both industry and academia. Due to its inherent scalability and flexibility, serverless computing becomes attractive and more pervasive for ever-growing Internet services. Despite the momentum in the cloud-native community, the existing challenges and compromises still wait for more advanced research and solutions to further explore the potential of the serverless computing model. As a contribution to this knowledge, this article surveys and elaborates the research domains in the serverless context by decoupling the architecture into four stack layers: Virtualization, Encapsule, System Orchestration, and System Coordination. Inspired by the security model, we highlight the key implications and limitations of these works in each layer, and make suggestions for potential challenges to the field of future serverless computing.
{"title":"The Serverless Computing Survey: A Technical Primer for Design Architecture","authors":"Zijun Li, Linsong Guo, Jiagan Cheng, Quan Chen, Bingsheng He, M. Guo","doi":"10.1145/3508360","DOIUrl":"https://doi.org/10.1145/3508360","url":null,"abstract":"The development of cloud infrastructures inspires the emergence of cloud-native computing. As the most promising architecture for deploying microservices, serverless computing has recently attracted more and more attention in both industry and academia. Due to its inherent scalability and flexibility, serverless computing becomes attractive and more pervasive for ever-growing Internet services. Despite the momentum in the cloud-native community, the existing challenges and compromises still wait for more advanced research and solutions to further explore the potential of the serverless computing model. As a contribution to this knowledge, this article surveys and elaborates the research domains in the serverless context by decoupling the architecture into four stack layers: Virtualization, Encapsule, System Orchestration, and System Coordination. Inspired by the security model, we highlight the key implications and limitations of these works in each layer, and make suggestions for potential challenges to the field of future serverless computing.","PeriodicalId":7000,"journal":{"name":"ACM Computing Surveys (CSUR)","volume":"7 1","pages":"1 - 34"},"PeriodicalIF":0.0,"publicationDate":"2021-12-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"74769668","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Xin Wang, Sisi Duan, James R. Clavin, Haibin Zhang
A blockchain is a distributed system that achieves strong security guarantees in storing, managing, and processing data. All blockchains achieve a common goal: building a decentralized system that provides a trustworthy service in an untrustworthy environment. A blockchain builds a Byzantine fault-tolerant (BFT) system in which decentralized nodes run a protocol to reach an agreement on the common system state. In this article, we focus on the research of BFT protocols. In particular, we categorize BFT protocols according to both the system models and workflow. We seek to answer these important questions: How has the research in BFT evolved in the past four decades, especially with the rise of blockchains? What are the driven needs for BFT research in the future?
{"title":"BFT in Blockchains: From Protocols to Use Cases","authors":"Xin Wang, Sisi Duan, James R. Clavin, Haibin Zhang","doi":"10.1145/3503042","DOIUrl":"https://doi.org/10.1145/3503042","url":null,"abstract":"A blockchain is a distributed system that achieves strong security guarantees in storing, managing, and processing data. All blockchains achieve a common goal: building a decentralized system that provides a trustworthy service in an untrustworthy environment. A blockchain builds a Byzantine fault-tolerant (BFT) system in which decentralized nodes run a protocol to reach an agreement on the common system state. In this article, we focus on the research of BFT protocols. In particular, we categorize BFT protocols according to both the system models and workflow. We seek to answer these important questions: How has the research in BFT evolved in the past four decades, especially with the rise of blockchains? What are the driven needs for BFT research in the future?","PeriodicalId":7000,"journal":{"name":"ACM Computing Surveys (CSUR)","volume":"24 1","pages":"1 - 37"},"PeriodicalIF":0.0,"publicationDate":"2021-12-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"73048013","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Verifiable Secret-Sharing (VSS) is a fundamental primitive in secure distributed computing. It is used as a building block in several distributed computing tasks, such as Byzantine agreement and secure multi-party computation. In this article, we consider VSS schemes with perfect security, tolerating computationally unbounded adversaries. We comprehensively survey the existing perfectly secure VSS schemes in three different communication settings, namely, synchronous, asynchronous, and hybrid setting and provide full details of the existing schemes in these settings. The aim of this survey is to provide a clear knowledge and foundation to researchers who are interested in knowing and extending the state-of-the-art perfectly secure VSS schemes.
{"title":"A Survey on Perfectly Secure Verifiable Secret-sharing","authors":"Anirudh Chandramouli, Ashish Choudhury, A. Patra","doi":"10.1145/3512344","DOIUrl":"https://doi.org/10.1145/3512344","url":null,"abstract":"Verifiable Secret-Sharing (VSS) is a fundamental primitive in secure distributed computing. It is used as a building block in several distributed computing tasks, such as Byzantine agreement and secure multi-party computation. In this article, we consider VSS schemes with perfect security, tolerating computationally unbounded adversaries. We comprehensively survey the existing perfectly secure VSS schemes in three different communication settings, namely, synchronous, asynchronous, and hybrid setting and provide full details of the existing schemes in these settings. The aim of this survey is to provide a clear knowledge and foundation to researchers who are interested in knowing and extending the state-of-the-art perfectly secure VSS schemes.","PeriodicalId":7000,"journal":{"name":"ACM Computing Surveys (CSUR)","volume":"24 1","pages":"1 - 36"},"PeriodicalIF":0.0,"publicationDate":"2021-12-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"74988920","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
With the proliferation of social sensing, large amounts of observation are contributed by people or devices. However, these observations contain disinformation. Disinformation can propagate across online social networks at a relatively low cost, but result in a series of major problems in our society. In this survey, we provide a comprehensive overview of disinformation and truth discovery in social sensing under a unified perspective, including basic concepts and the taxonomy of existing methodologies. Furthermore, we summarize the mechanism of disinformation from four different perspectives (i.e., text only, text with image/multi-modal, text with propagation, and fusion models). In addition, we review existing solutions based on these requirements and compare their pros and cons and give a sort of guide to usage based on a detailed lesson learned. To facilitate future studies in this field, we summarize related publicly accessible real-world data sets and open source codes. Last but the most important, we emphasize potential future research topics and challenges in this domain through a deep analysis of most recent methods.
{"title":"A Unified Perspective for Disinformation Detection and Truth Discovery in Social Sensing: A Survey","authors":"Fan Xu, V. Sheng, Mingwen Wang","doi":"10.1145/3477138","DOIUrl":"https://doi.org/10.1145/3477138","url":null,"abstract":"With the proliferation of social sensing, large amounts of observation are contributed by people or devices. However, these observations contain disinformation. Disinformation can propagate across online social networks at a relatively low cost, but result in a series of major problems in our society. In this survey, we provide a comprehensive overview of disinformation and truth discovery in social sensing under a unified perspective, including basic concepts and the taxonomy of existing methodologies. Furthermore, we summarize the mechanism of disinformation from four different perspectives (i.e., text only, text with image/multi-modal, text with propagation, and fusion models). In addition, we review existing solutions based on these requirements and compare their pros and cons and give a sort of guide to usage based on a detailed lesson learned. To facilitate future studies in this field, we summarize related publicly accessible real-world data sets and open source codes. Last but the most important, we emphasize potential future research topics and challenges in this domain through a deep analysis of most recent methods.","PeriodicalId":7000,"journal":{"name":"ACM Computing Surveys (CSUR)","volume":"1 1","pages":"1 - 33"},"PeriodicalIF":0.0,"publicationDate":"2021-11-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"73302991","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Christopher Brant, P. Shrestha, Ben Mixon-Baca, Kejun Chen, Said Varlioglu, Nelly Elsayed, Yier Jin, Jedidiah R. Crandall, Daniela Oliveira
Information flow tracking was proposed more than 40 years ago to address the limitations of access control mechanisms to guarantee the confidentiality and integrity of information flowing within a system, but has not yet been widely applied in practice for security solutions. Here, we survey and systematize literature on dynamic information flow tracking (DIFT) to discover challenges and opportunities to make it practical and effective for security solutions. We focus on common knowledge in the literature and lingering research gaps from two dimensions— (i) the layer of abstraction where DIFT is implemented (software, software/hardware, or hardware) and (ii) the security goal (confidentiality and/or integrity). We observe that two major limitations hinder the practical application of DIFT for on-the-fly security applications: (i) high implementation overhead and (ii) incomplete information flow tracking (low accuracy). We posit, after review of the literature, that addressing these major impedances via hardware parallelism can potentially unleash DIFT’s great potential for systems security, as it can allow security policies to be implemented in a built-in and standardized fashion. Furthermore, we provide recommendations for the next generation of practical and efficient DIFT systems with an eye towards hardware-supported implementations.
{"title":"Challenges and Opportunities for Practical and Effective Dynamic Information Flow Tracking","authors":"Christopher Brant, P. Shrestha, Ben Mixon-Baca, Kejun Chen, Said Varlioglu, Nelly Elsayed, Yier Jin, Jedidiah R. Crandall, Daniela Oliveira","doi":"10.1145/3483790","DOIUrl":"https://doi.org/10.1145/3483790","url":null,"abstract":"Information flow tracking was proposed more than 40 years ago to address the limitations of access control mechanisms to guarantee the confidentiality and integrity of information flowing within a system, but has not yet been widely applied in practice for security solutions. Here, we survey and systematize literature on dynamic information flow tracking (DIFT) to discover challenges and opportunities to make it practical and effective for security solutions. We focus on common knowledge in the literature and lingering research gaps from two dimensions— (i) the layer of abstraction where DIFT is implemented (software, software/hardware, or hardware) and (ii) the security goal (confidentiality and/or integrity). We observe that two major limitations hinder the practical application of DIFT for on-the-fly security applications: (i) high implementation overhead and (ii) incomplete information flow tracking (low accuracy). We posit, after review of the literature, that addressing these major impedances via hardware parallelism can potentially unleash DIFT’s great potential for systems security, as it can allow security policies to be implemented in a built-in and standardized fashion. Furthermore, we provide recommendations for the next generation of practical and efficient DIFT systems with an eye towards hardware-supported implementations.","PeriodicalId":7000,"journal":{"name":"ACM Computing Surveys (CSUR)","volume":"5 1","pages":"1 - 33"},"PeriodicalIF":0.0,"publicationDate":"2021-11-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"87728963","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
A. Hazra, Mainak Adhikari, Tarachand Amgoth, S. Srirama
In the era of Industry 4.0, the Internet-of-Things (IoT) performs the driving position analogous to the initial industrial metamorphosis. IoT affords the potential to couple machine-to-machine intercommunication and real-time information-gathering within the industry domain. Hence, the enactment of IoT in the industry magnifies effective optimization, authority, and data-driven judgment. However, this field undergoes several interoperable issues, including large numbers of heterogeneous IoT gadgets, tools, software, sensing, and processing components, joining through the Internet, despite the deficiency of communication protocols and standards. Recently, various interoperable protocols, platforms, standards, and technologies are enhanced and altered according to the specifications of the applicability in industrial applications. However, there are no recent survey papers that primarily examine various interoperability issues that Industrial IoT (IIoT) faces. In this review, we investigate the conventional and recent developments of relevant state-of-the-art IIoT technologies, frameworks, and solutions for facilitating interoperability between different IIoT components. We also discuss several interoperable IIoT standards, protocols, and models for digitizing the industrial revolution. Finally, we conclude this survey with an inherent discussion of open challenges and directions for future research.
{"title":"A Comprehensive Survey on Interoperability for IIoT: Taxonomy, Standards, and Future Directions","authors":"A. Hazra, Mainak Adhikari, Tarachand Amgoth, S. Srirama","doi":"10.1145/3485130","DOIUrl":"https://doi.org/10.1145/3485130","url":null,"abstract":"In the era of Industry 4.0, the Internet-of-Things (IoT) performs the driving position analogous to the initial industrial metamorphosis. IoT affords the potential to couple machine-to-machine intercommunication and real-time information-gathering within the industry domain. Hence, the enactment of IoT in the industry magnifies effective optimization, authority, and data-driven judgment. However, this field undergoes several interoperable issues, including large numbers of heterogeneous IoT gadgets, tools, software, sensing, and processing components, joining through the Internet, despite the deficiency of communication protocols and standards. Recently, various interoperable protocols, platforms, standards, and technologies are enhanced and altered according to the specifications of the applicability in industrial applications. However, there are no recent survey papers that primarily examine various interoperability issues that Industrial IoT (IIoT) faces. In this review, we investigate the conventional and recent developments of relevant state-of-the-art IIoT technologies, frameworks, and solutions for facilitating interoperability between different IIoT components. We also discuss several interoperable IIoT standards, protocols, and models for digitizing the industrial revolution. Finally, we conclude this survey with an inherent discussion of open challenges and directions for future research.","PeriodicalId":7000,"journal":{"name":"ACM Computing Surveys (CSUR)","volume":"69 1","pages":"1 - 35"},"PeriodicalIF":0.0,"publicationDate":"2021-11-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"84071865","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Representing dynamic textures (DTs) plays an important role in many real implementations in the computer vision community. Due to the turbulent and non-directional motions of DTs along with the negative impacts of different factors (e.g., environmental changes, noise, illumination, etc.), efficiently analyzing DTs has raised considerable challenges for the state-of-the-art approaches. For 20 years, many different techniques have been introduced to handle the above well-known issues for enhancing the performance. Those methods have shown valuable contributions, but the problems have been incompletely dealt with, particularly recognizing DTs on large-scale datasets. In this article, we present a comprehensive taxonomy of DT representation in order to purposefully give a thorough overview of the existing methods along with overall evaluations of their obtained performances. Accordingly, we arrange the methods into six canonical categories. Each of them is then taken in a brief presentation of its principal methodology stream and various related variants. The effectiveness levels of the state-of-the-art methods are then investigated and thoroughly discussed with respect to quantitative and qualitative evaluations in classifying DTs on benchmark datasets. Finally, we point out several potential applications and the remaining challenges that should be addressed in further directions. In comparison with two existing shallow DT surveys (i.e., the first one is out of date as it was made in 2005, while the newer one (published in 2016) is an inadequate overview), we believe that our proposed comprehensive taxonomy not only provides a better view of DT representation for the target readers but also stimulates future research activities.
{"title":"A Comprehensive Taxonomy of Dynamic Texture Representation","authors":"Thanh Tuan Nguyen, T. Nguyen","doi":"10.1145/3487892","DOIUrl":"https://doi.org/10.1145/3487892","url":null,"abstract":"Representing dynamic textures (DTs) plays an important role in many real implementations in the computer vision community. Due to the turbulent and non-directional motions of DTs along with the negative impacts of different factors (e.g., environmental changes, noise, illumination, etc.), efficiently analyzing DTs has raised considerable challenges for the state-of-the-art approaches. For 20 years, many different techniques have been introduced to handle the above well-known issues for enhancing the performance. Those methods have shown valuable contributions, but the problems have been incompletely dealt with, particularly recognizing DTs on large-scale datasets. In this article, we present a comprehensive taxonomy of DT representation in order to purposefully give a thorough overview of the existing methods along with overall evaluations of their obtained performances. Accordingly, we arrange the methods into six canonical categories. Each of them is then taken in a brief presentation of its principal methodology stream and various related variants. The effectiveness levels of the state-of-the-art methods are then investigated and thoroughly discussed with respect to quantitative and qualitative evaluations in classifying DTs on benchmark datasets. Finally, we point out several potential applications and the remaining challenges that should be addressed in further directions. In comparison with two existing shallow DT surveys (i.e., the first one is out of date as it was made in 2005, while the newer one (published in 2016) is an inadequate overview), we believe that our proposed comprehensive taxonomy not only provides a better view of DT representation for the target readers but also stimulates future research activities.","PeriodicalId":7000,"journal":{"name":"ACM Computing Surveys (CSUR)","volume":"11 6","pages":"1 - 39"},"PeriodicalIF":0.0,"publicationDate":"2021-11-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"91438395","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In recent years, with rapid technological advancement in both computing hardware and algorithm, Artificial Intelligence (AI) has demonstrated significant advantage over human being in a wide range of fields, such as image recognition, education, autonomous vehicles, finance, and medical diagnosis. However, AI-based systems are generally vulnerable to various security threats throughout the whole process, ranging from the initial data collection and preparation to the training, inference, and final deployment. In an AI-based system, the data collection and pre-processing phase are vulnerable to sensor spoofing attacks and scaling attacks, respectively, while the training and inference phases of the model are subject to poisoning attacks and adversarial attacks, respectively. To address these severe security threats against the AI-based systems, in this article, we review the challenges and recent research advances for security issues in AI, so as to depict an overall blueprint for AI security. More specifically, we first take the lifecycle of an AI-based system as a guide to introduce the security threats that emerge at each stage, which is followed by a detailed summary for corresponding countermeasures. Finally, some of the future challenges and opportunities for the security issues in AI will also be discussed.
{"title":"Artificial Intelligence Security: Threats and Countermeasures","authors":"Yupeng Hu, Wenxin Kuang, Zheng Qin, Kenli Li, Jiliang Zhang, Yansong Gao, Wei Li, Kuan-Ching Li","doi":"10.1145/3487890","DOIUrl":"https://doi.org/10.1145/3487890","url":null,"abstract":"In recent years, with rapid technological advancement in both computing hardware and algorithm, Artificial Intelligence (AI) has demonstrated significant advantage over human being in a wide range of fields, such as image recognition, education, autonomous vehicles, finance, and medical diagnosis. However, AI-based systems are generally vulnerable to various security threats throughout the whole process, ranging from the initial data collection and preparation to the training, inference, and final deployment. In an AI-based system, the data collection and pre-processing phase are vulnerable to sensor spoofing attacks and scaling attacks, respectively, while the training and inference phases of the model are subject to poisoning attacks and adversarial attacks, respectively. To address these severe security threats against the AI-based systems, in this article, we review the challenges and recent research advances for security issues in AI, so as to depict an overall blueprint for AI security. More specifically, we first take the lifecycle of an AI-based system as a guide to introduce the security threats that emerge at each stage, which is followed by a detailed summary for corresponding countermeasures. Finally, some of the future challenges and opportunities for the security issues in AI will also be discussed.","PeriodicalId":7000,"journal":{"name":"ACM Computing Surveys (CSUR)","volume":"37 1","pages":"1 - 36"},"PeriodicalIF":0.0,"publicationDate":"2021-11-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"76496468","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Kinza Sarwar, Sira Yongchareon, Jian Yu, S. Rehman
Despite the rapid growth and advancement in the Internet of Things (IoT), there are critical challenges that need to be addressed before the full adoption of the IoT. Data privacy is one of the hurdles towards the adoption of IoT as there might be potential misuse of users’ data and their identity in IoT applications. Several researchers have proposed different approaches to reduce privacy risks. However, most of the existing solutions still suffer from various drawbacks, such as huge bandwidth utilization and network latency, heavyweight cryptosystems, and policies that are applied on sensor devices and in the cloud. To address these issues, fog computing has been introduced for IoT network edges providing low latency, computation, and storage services. In this survey, we comprehensively review and classify privacy requirements for an in-depth understanding of privacy implications in IoT applications. Based on the classification, we highlight ongoing research efforts and limitations of the existing privacy-preservation techniques and map the existing IoT schemes with Fog-enabled IoT schemes to elaborate on the benefits and improvements that Fog-enabled IoT can bring to preserve data privacy in IoT applications. Lastly, we enumerate key research challenges and point out future research directions.
{"title":"A Survey on Privacy Preservation in Fog-Enabled Internet of Things","authors":"Kinza Sarwar, Sira Yongchareon, Jian Yu, S. Rehman","doi":"10.1145/3474554","DOIUrl":"https://doi.org/10.1145/3474554","url":null,"abstract":"Despite the rapid growth and advancement in the Internet of Things (IoT), there are critical challenges that need to be addressed before the full adoption of the IoT. Data privacy is one of the hurdles towards the adoption of IoT as there might be potential misuse of users’ data and their identity in IoT applications. Several researchers have proposed different approaches to reduce privacy risks. However, most of the existing solutions still suffer from various drawbacks, such as huge bandwidth utilization and network latency, heavyweight cryptosystems, and policies that are applied on sensor devices and in the cloud. To address these issues, fog computing has been introduced for IoT network edges providing low latency, computation, and storage services. In this survey, we comprehensively review and classify privacy requirements for an in-depth understanding of privacy implications in IoT applications. Based on the classification, we highlight ongoing research efforts and limitations of the existing privacy-preservation techniques and map the existing IoT schemes with Fog-enabled IoT schemes to elaborate on the benefits and improvements that Fog-enabled IoT can bring to preserve data privacy in IoT applications. Lastly, we enumerate key research challenges and point out future research directions.","PeriodicalId":7000,"journal":{"name":"ACM Computing Surveys (CSUR)","volume":"151 1","pages":"1 - 39"},"PeriodicalIF":0.0,"publicationDate":"2021-11-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"89232286","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: