分散式系统和网络的安全、隐私和信任管理

IF 1.5 4区 计算机科学 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS International Journal of Network Management Pub Date : 2024-10-15 DOI:10.1002/nem.2311
Weizhi Meng, Sokratis K. Katsikas, Jiageng Chen, Chao Chen
{"title":"分散式系统和网络的安全、隐私和信任管理","authors":"Weizhi Meng,&nbsp;Sokratis K. Katsikas,&nbsp;Jiageng Chen,&nbsp;Chao Chen","doi":"10.1002/nem.2311","DOIUrl":null,"url":null,"abstract":"<p>With the rapid growth of size and scale in current organization, decentralize systems are becoming dominant, which is an interconnected information system where no single entity or central server is employed as a sole authority, such as Internet of Things (IoT), smart home system, smart city system, and more. For such systems, sensors are important to gather and process data as the lower level components. However, with the distributed deployment, decentralized systems are facing various security, privacy, and trust issues. For instance, any compromised sensor may leak sensitive data or be used to infect other entities within the system. It is also a long-term challenge to establish trust among different nodes and defeat malicious insiders. Here, there is a requirement to develop suitable management schemes for decentralized systems and networks regarding security, privacy, and trust. This special issue focuses on the identification of security, privacy, and trust issues in decentralized systems and the development of effective solutions in handling security, privacy, and trust issues for decentralized systems, for example, IoT, cyber-physical systems (CPS), smart city, and smart home.</p><p>In the first contribution entitled “A security-enhanced equipment predictive maintenance solution for the ETO manufacturing,” Cao et al. proposed a security-enhanced predictive maintenance scheme specifically designed for ETO-type production equipment. This scheme can use the industrial Internet of Things (IIoT) technology to monitor machines and equipment, constructing prediction models using machine learning methods and reinforcing the security of the prediction system through adoption of a decentralized architecture with blockchain distributed storage. In this experiment, six supervised learning models were compared, and it was found that the model based on the random forest algorithm achieved an outstanding accuracy rate of 98.88%.</p><p>In the second contribution entitled “IGXSS: XSS payload detection model based on inductive GCN,” Wang et al. figured out that XSS is one of the most common web application attacks, in which an attacker can obtain private user information from IoT devices or cloud platforms. To address this issue, the authors proposed an XSS payload detection model based on inductive graph neural networks, shortly IGXSS (XSS payload detection model based on inductive GCN). The method aims to detect XSS payloads under an IoT environment by segmenting the samples as nodes and obtaining the feature matrix of nodes and edges.</p><p>In the third contribution entitled “Privacy-protected object detection through trustworthy image fusion,” Zhang et al. identified that user privacy may be leaked as infrared images may contain sensitive information. The authors then proposed a procedure for enhancing the database privacy, object detection based on multi-band infrared image datasets, and they utilized the transfer learning technique to migrate knowledge learned from external infrared data to internal infrared data. The proposed approach consists of several steps including data preprocessing of multi-band infrared images, multi-band infrared image fusion, and object detection. They found that transfer learning is very beneficial for keeping the privacy of multi-band infrared images during the fusion and detection processes.</p><p>In the fourth contribution entitled “ASMTP: Anonymous secure messaging token-based protocol assisted data security in swarm of unmanned aerial vehicles,” Manikandan and Sriramulu argued that there is a need for perfect forward secrecy and non-repudiation during UAV-to-UAV (unmanned aerial vehicles) communication. The authors proposed a protocol for UAV Swarm communication with anonymous secure messaging token-based protocol (ASMTP). Such protocol can help secure UAV-to-base station communication and safeguard the metadata of the sender and receiver nodes.</p><p>In the fifth contribution entitled “Privacy-preserving data aggregation achieving completeness of data queries in smart grid,” Li et al. identified that privacy and security should be the priority in smart grid systems. The authors proposed a privacy-preserving data aggregation scheme that aims to support data query. They also developed a multi-level data aggregation mechanism based on Paillier semi-homomorphic encryption, in order to reach efficient aggregation of user data in the control center. They used a data query mechanism based on electricity consumption intervals to enable the control center to query aggregated ciphertexts for different users.</p><p>In the sixth contribution entitled “A secure and light-weight patient survival prediction in Internet of Medical Things framework,” Mittal et al. aimed to explore the interplay of objective and subjective data in predicting postoperative outcomes and use this to help reduce data transmission costs in the Internet of Medical Things. Based on open dataset, they found that ensemble learning classifiers is superior when adopting all features, resulting in an accuracy rate of 0.92. In addition, when integrating select subjective features, a comparable accuracy rate of 0.91 can be reached.</p><p>In the seventh contribution entitled “Risk-Aware SDN Defense Framework Against Anti-Honeypot Attacks Using Safe Reinforcement Learning,” Gao et al. figured out that the network interaction between SDN servers and users is under risk. The authors proposed a risk-aware SDN defense framework based on safe reinforcement learning that can help mitigate the external attacks. The authors also introduced a risk level function to model the simultaneous dynamic attack and defense processes. Their simulation results showed that the proposed framework could enhance the defense utility by 17.5% and 142.4% compared with the QLearning scheme and the Random scheme.</p><p>On the whole, the special issue papers cover a broad range of research on security, privacy, and trust on decentralized systems and network and discuss many potential threats and promising solutions. The team of guest editors would like to thank Editor-in-Chief James Won-Ki Hong for their great support, as well as the paper authors and the reviewers for their contributions.</p>","PeriodicalId":14154,"journal":{"name":"International Journal of Network Management","volume":"34 6","pages":""},"PeriodicalIF":1.5000,"publicationDate":"2024-10-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1002/nem.2311","citationCount":"0","resultStr":"{\"title\":\"Security, Privacy, and Trust Management on Decentralized Systems and Networks\",\"authors\":\"Weizhi Meng,&nbsp;Sokratis K. Katsikas,&nbsp;Jiageng Chen,&nbsp;Chao Chen\",\"doi\":\"10.1002/nem.2311\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p>With the rapid growth of size and scale in current organization, decentralize systems are becoming dominant, which is an interconnected information system where no single entity or central server is employed as a sole authority, such as Internet of Things (IoT), smart home system, smart city system, and more. For such systems, sensors are important to gather and process data as the lower level components. However, with the distributed deployment, decentralized systems are facing various security, privacy, and trust issues. For instance, any compromised sensor may leak sensitive data or be used to infect other entities within the system. It is also a long-term challenge to establish trust among different nodes and defeat malicious insiders. Here, there is a requirement to develop suitable management schemes for decentralized systems and networks regarding security, privacy, and trust. This special issue focuses on the identification of security, privacy, and trust issues in decentralized systems and the development of effective solutions in handling security, privacy, and trust issues for decentralized systems, for example, IoT, cyber-physical systems (CPS), smart city, and smart home.</p><p>In the first contribution entitled “A security-enhanced equipment predictive maintenance solution for the ETO manufacturing,” Cao et al. proposed a security-enhanced predictive maintenance scheme specifically designed for ETO-type production equipment. This scheme can use the industrial Internet of Things (IIoT) technology to monitor machines and equipment, constructing prediction models using machine learning methods and reinforcing the security of the prediction system through adoption of a decentralized architecture with blockchain distributed storage. In this experiment, six supervised learning models were compared, and it was found that the model based on the random forest algorithm achieved an outstanding accuracy rate of 98.88%.</p><p>In the second contribution entitled “IGXSS: XSS payload detection model based on inductive GCN,” Wang et al. figured out that XSS is one of the most common web application attacks, in which an attacker can obtain private user information from IoT devices or cloud platforms. To address this issue, the authors proposed an XSS payload detection model based on inductive graph neural networks, shortly IGXSS (XSS payload detection model based on inductive GCN). The method aims to detect XSS payloads under an IoT environment by segmenting the samples as nodes and obtaining the feature matrix of nodes and edges.</p><p>In the third contribution entitled “Privacy-protected object detection through trustworthy image fusion,” Zhang et al. identified that user privacy may be leaked as infrared images may contain sensitive information. The authors then proposed a procedure for enhancing the database privacy, object detection based on multi-band infrared image datasets, and they utilized the transfer learning technique to migrate knowledge learned from external infrared data to internal infrared data. The proposed approach consists of several steps including data preprocessing of multi-band infrared images, multi-band infrared image fusion, and object detection. They found that transfer learning is very beneficial for keeping the privacy of multi-band infrared images during the fusion and detection processes.</p><p>In the fourth contribution entitled “ASMTP: Anonymous secure messaging token-based protocol assisted data security in swarm of unmanned aerial vehicles,” Manikandan and Sriramulu argued that there is a need for perfect forward secrecy and non-repudiation during UAV-to-UAV (unmanned aerial vehicles) communication. The authors proposed a protocol for UAV Swarm communication with anonymous secure messaging token-based protocol (ASMTP). Such protocol can help secure UAV-to-base station communication and safeguard the metadata of the sender and receiver nodes.</p><p>In the fifth contribution entitled “Privacy-preserving data aggregation achieving completeness of data queries in smart grid,” Li et al. identified that privacy and security should be the priority in smart grid systems. The authors proposed a privacy-preserving data aggregation scheme that aims to support data query. They also developed a multi-level data aggregation mechanism based on Paillier semi-homomorphic encryption, in order to reach efficient aggregation of user data in the control center. They used a data query mechanism based on electricity consumption intervals to enable the control center to query aggregated ciphertexts for different users.</p><p>In the sixth contribution entitled “A secure and light-weight patient survival prediction in Internet of Medical Things framework,” Mittal et al. aimed to explore the interplay of objective and subjective data in predicting postoperative outcomes and use this to help reduce data transmission costs in the Internet of Medical Things. Based on open dataset, they found that ensemble learning classifiers is superior when adopting all features, resulting in an accuracy rate of 0.92. In addition, when integrating select subjective features, a comparable accuracy rate of 0.91 can be reached.</p><p>In the seventh contribution entitled “Risk-Aware SDN Defense Framework Against Anti-Honeypot Attacks Using Safe Reinforcement Learning,” Gao et al. figured out that the network interaction between SDN servers and users is under risk. The authors proposed a risk-aware SDN defense framework based on safe reinforcement learning that can help mitigate the external attacks. The authors also introduced a risk level function to model the simultaneous dynamic attack and defense processes. Their simulation results showed that the proposed framework could enhance the defense utility by 17.5% and 142.4% compared with the QLearning scheme and the Random scheme.</p><p>On the whole, the special issue papers cover a broad range of research on security, privacy, and trust on decentralized systems and network and discuss many potential threats and promising solutions. The team of guest editors would like to thank Editor-in-Chief James Won-Ki Hong for their great support, as well as the paper authors and the reviewers for their contributions.</p>\",\"PeriodicalId\":14154,\"journal\":{\"name\":\"International Journal of Network Management\",\"volume\":\"34 6\",\"pages\":\"\"},\"PeriodicalIF\":1.5000,\"publicationDate\":\"2024-10-15\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://onlinelibrary.wiley.com/doi/epdf/10.1002/nem.2311\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Journal of Network Management\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://onlinelibrary.wiley.com/doi/10.1002/nem.2311\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Network Management","FirstCategoryId":"94","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1002/nem.2311","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

摘要

随着当前组织规模的快速增长,去中心化系统正成为主流,这是一种互联的信息系统,没有单一实体或中央服务器作为唯一权威,如物联网(IoT)、智能家居系统、智能城市系统等。对于此类系统,传感器作为底层组件,在收集和处理数据方面非常重要。然而,随着分布式部署的开展,分散式系统正面临着各种安全、隐私和信任问题。例如,任何受损的传感器都可能泄露敏感数据或被用来感染系统内的其他实体。在不同节点之间建立信任并击败恶意内部人员也是一项长期挑战。因此,有必要为分散式系统和网络开发合适的安全、隐私和信任管理方案。在第一篇题为《面向 ETO 制造业的安全增强型设备预测性维护解决方案》的论文中,Cao 等人提出了一种专为 ETO 型生产设备设计的安全增强型预测性维护方案。该方案可利用工业物联网(IIoT)技术监控机器设备,利用机器学习方法构建预测模型,并通过采用区块链分布式存储的去中心化架构来加强预测系统的安全性。在题为 "IGXSS:基于感应式GCN的XSS有效载荷检测模型 "的第二篇论文中,Wang等人发现XSS是最常见的网络应用攻击之一,攻击者可以从物联网设备或云平台获取用户隐私信息。为解决这一问题,作者提出了一种基于归纳图神经网络的 XSS 有效载荷检测模型,即 IGXSS(基于归纳图神经网络的 XSS 有效载荷检测模型)。该方法旨在通过将样本分割为节点,并获取节点和边的特征矩阵,从而检测物联网环境下的 XSS 有效载荷。在题为 "通过可信图像融合实现隐私保护对象检测 "的第三篇论文中,Zhang 等人指出,由于红外图像可能包含敏感信息,用户隐私可能会被泄露。作者随后提出了一种基于多波段红外图像数据集的增强数据库隐私、物体检测的程序,并利用迁移学习技术将从外部红外数据中学到的知识迁移到内部红外数据中。所提出的方法由几个步骤组成,包括多波段红外图像的数据预处理、多波段红外图像融合和物体检测。Manikandan 和 Sriramulu 在题为 "ASMTP:基于匿名安全信息令牌的协议辅助无人驾驶飞行器群的数据安全 "的第四篇论文中指出,在无人驾驶飞行器与无人驾驶飞行器(UAV-to-UAV)通信过程中,需要完美的前向保密性和不可抵赖性。作者提出了一种基于匿名安全信息令牌协议(ASMTP)的无人机蜂群通信协议。在题为 "智能电网中实现数据查询完整性的隐私保护数据聚合 "的第五篇论文中,Li 等人指出,智能电网系统应优先考虑隐私和安全问题。作者提出了一种旨在支持数据查询的隐私保护数据聚合方案。他们还开发了一种基于 Paillier 半同态加密的多级数据聚合机制,以便在控制中心实现用户数据的高效聚合。在题为 "医疗物联网框架中的安全和轻量级患者生存预测 "的第六篇论文中,Mittal 等人旨在探索客观数据和主观数据在预测术后结果中的相互作用,并以此帮助降低医疗物联网中的数据传输成本。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
Security, Privacy, and Trust Management on Decentralized Systems and Networks

With the rapid growth of size and scale in current organization, decentralize systems are becoming dominant, which is an interconnected information system where no single entity or central server is employed as a sole authority, such as Internet of Things (IoT), smart home system, smart city system, and more. For such systems, sensors are important to gather and process data as the lower level components. However, with the distributed deployment, decentralized systems are facing various security, privacy, and trust issues. For instance, any compromised sensor may leak sensitive data or be used to infect other entities within the system. It is also a long-term challenge to establish trust among different nodes and defeat malicious insiders. Here, there is a requirement to develop suitable management schemes for decentralized systems and networks regarding security, privacy, and trust. This special issue focuses on the identification of security, privacy, and trust issues in decentralized systems and the development of effective solutions in handling security, privacy, and trust issues for decentralized systems, for example, IoT, cyber-physical systems (CPS), smart city, and smart home.

In the first contribution entitled “A security-enhanced equipment predictive maintenance solution for the ETO manufacturing,” Cao et al. proposed a security-enhanced predictive maintenance scheme specifically designed for ETO-type production equipment. This scheme can use the industrial Internet of Things (IIoT) technology to monitor machines and equipment, constructing prediction models using machine learning methods and reinforcing the security of the prediction system through adoption of a decentralized architecture with blockchain distributed storage. In this experiment, six supervised learning models were compared, and it was found that the model based on the random forest algorithm achieved an outstanding accuracy rate of 98.88%.

In the second contribution entitled “IGXSS: XSS payload detection model based on inductive GCN,” Wang et al. figured out that XSS is one of the most common web application attacks, in which an attacker can obtain private user information from IoT devices or cloud platforms. To address this issue, the authors proposed an XSS payload detection model based on inductive graph neural networks, shortly IGXSS (XSS payload detection model based on inductive GCN). The method aims to detect XSS payloads under an IoT environment by segmenting the samples as nodes and obtaining the feature matrix of nodes and edges.

In the third contribution entitled “Privacy-protected object detection through trustworthy image fusion,” Zhang et al. identified that user privacy may be leaked as infrared images may contain sensitive information. The authors then proposed a procedure for enhancing the database privacy, object detection based on multi-band infrared image datasets, and they utilized the transfer learning technique to migrate knowledge learned from external infrared data to internal infrared data. The proposed approach consists of several steps including data preprocessing of multi-band infrared images, multi-band infrared image fusion, and object detection. They found that transfer learning is very beneficial for keeping the privacy of multi-band infrared images during the fusion and detection processes.

In the fourth contribution entitled “ASMTP: Anonymous secure messaging token-based protocol assisted data security in swarm of unmanned aerial vehicles,” Manikandan and Sriramulu argued that there is a need for perfect forward secrecy and non-repudiation during UAV-to-UAV (unmanned aerial vehicles) communication. The authors proposed a protocol for UAV Swarm communication with anonymous secure messaging token-based protocol (ASMTP). Such protocol can help secure UAV-to-base station communication and safeguard the metadata of the sender and receiver nodes.

In the fifth contribution entitled “Privacy-preserving data aggregation achieving completeness of data queries in smart grid,” Li et al. identified that privacy and security should be the priority in smart grid systems. The authors proposed a privacy-preserving data aggregation scheme that aims to support data query. They also developed a multi-level data aggregation mechanism based on Paillier semi-homomorphic encryption, in order to reach efficient aggregation of user data in the control center. They used a data query mechanism based on electricity consumption intervals to enable the control center to query aggregated ciphertexts for different users.

In the sixth contribution entitled “A secure and light-weight patient survival prediction in Internet of Medical Things framework,” Mittal et al. aimed to explore the interplay of objective and subjective data in predicting postoperative outcomes and use this to help reduce data transmission costs in the Internet of Medical Things. Based on open dataset, they found that ensemble learning classifiers is superior when adopting all features, resulting in an accuracy rate of 0.92. In addition, when integrating select subjective features, a comparable accuracy rate of 0.91 can be reached.

In the seventh contribution entitled “Risk-Aware SDN Defense Framework Against Anti-Honeypot Attacks Using Safe Reinforcement Learning,” Gao et al. figured out that the network interaction between SDN servers and users is under risk. The authors proposed a risk-aware SDN defense framework based on safe reinforcement learning that can help mitigate the external attacks. The authors also introduced a risk level function to model the simultaneous dynamic attack and defense processes. Their simulation results showed that the proposed framework could enhance the defense utility by 17.5% and 142.4% compared with the QLearning scheme and the Random scheme.

On the whole, the special issue papers cover a broad range of research on security, privacy, and trust on decentralized systems and network and discuss many potential threats and promising solutions. The team of guest editors would like to thank Editor-in-Chief James Won-Ki Hong for their great support, as well as the paper authors and the reviewers for their contributions.

求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
International Journal of Network Management
International Journal of Network Management COMPUTER SCIENCE, INFORMATION SYSTEMS-TELECOMMUNICATIONS
CiteScore
5.10
自引率
6.70%
发文量
25
审稿时长
>12 weeks
期刊介绍: Modern computer networks and communication systems are increasing in size, scope, and heterogeneity. The promise of a single end-to-end technology has not been realized and likely never will occur. The decreasing cost of bandwidth is increasing the possible applications of computer networks and communication systems to entirely new domains. Problems in integrating heterogeneous wired and wireless technologies, ensuring security and quality of service, and reliably operating large-scale systems including the inclusion of cloud computing have all emerged as important topics. The one constant is the need for network management. Challenges in network management have never been greater than they are today. The International Journal of Network Management is the forum for researchers, developers, and practitioners in network management to present their work to an international audience. The journal is dedicated to the dissemination of information, which will enable improved management, operation, and maintenance of computer networks and communication systems. The journal is peer reviewed and publishes original papers (both theoretical and experimental) by leading researchers, practitioners, and consultants from universities, research laboratories, and companies around the world. Issues with thematic or guest-edited special topics typically occur several times per year. Topic areas for the journal are largely defined by the taxonomy for network and service management developed by IFIP WG6.6, together with IEEE-CNOM, the IRTF-NMRG and the Emanics Network of Excellence.
期刊最新文献
Issue Information Security, Privacy, and Trust Management on Decentralized Systems and Networks A Blockchain-Based Proxy Re-Encryption Scheme With Cryptographic Reverse Firewall for IoV Construction of Metaphorical Maps of Cyberspace Resources Based on Point-Cluster Feature Generalization Risk-Aware SDN Defense Framework Against Anti-Honeypot Attacks Using Safe Reinforcement Learning
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1