【Abstract】Empowered by promising artificial intelligence, the traditional Internet of Things is evolving into the Artificial Intelligence of Things (AIoT), which is an important enabling technology for Industry 4.0. Collaborative learning is a key technology for AIoT to build machine learning (ML) models on distributed datasets. However, there are two critical concerns of collaborative learning for AIoT: privacy leakage of sensitive data and dishonest computation. Specifically, data contains sensitive information of users, which cannot be openly shared for model learning. Furthermore, to protect the privacy of data or other selfish purposes, participants of collaborative learning may behave dishonestly, submitting dummy data or incorrect model computation. Therefore, it is important to guarantee privacy preservation of data and honest computation on collaborative learning. Our work tackles the two concerns wherein a model demander can securely train ML models with sensitive data and can regulate the computation of participants. To this end, we propose a secure and trusted collaborative learning framework called TrusCL. The framework guarantees privacy preservation via a delicate combination of homomorphic encryption (HE) and differential privacy (DP), achieving the trade-off between efficiency and accuracy. Furthermore, based on blockchain, in our design, the key steps of secure collaborative learning are recorded on blockchain so that malicious behaviors can be effectively tracked and choked in a timely manner to facilitate trusted computation. Experimental results validate the trade-off performance of TrusCL between model training efficiency and trained model accuracy.
【Abstract】In the future sharing economy, billions of underutilized IoT devices will be deployed to enable a powerful and large-scale sharing market that produces economic, environmental, and social benefits. Given the fact that communications in numerous IoT devices through wireless links are unreliable, blockchain technology, as a promising solution, has emerged to achieve reliable and secure sharing services in a decentralized manner. However, applying blockchain in large-scale wireless networks confronts scalability challenges. This motivates us to propose a real-time, trusted data interactive, and fine-grained transaction supportable sharing framework, the core of which is a novel two-layer scaling blockchain design. In the on-chain layer, sharing-oriented sharding is employed to enable secure and efficient processing of macro-transactions on the chain. In the off-chain layer, cross-zone off-chain channels are set up to provide real-time sharing transactions with high-frequency micro-trading scenarios. Finally, a proof-of-concept case study of electric vehicle sharing data is implemented with experimental results to demonstrate the feasibility of our framework.
【Abstract】In recent years, the Internet of Things (IoT) has been contemplated as the next technological advancement in the era of data communication and networking. However, although hundreds of new IoT platforms are introduced to the market every few months, the security of IoT ecosystems is still not fully understood. This paper discloses the architecture of a multilayer, multimode security system for the IoT. The proposed system is capable of providing multiple security solutions that support anonymous authentication, device privacy, data integrity, device sybil attack detection and IoT server spoofing attack detection. For IoT access control and authentication, our system can support two modes of operations, with one mode endorsing device privacy protection over the network and the second mode relinquishing device identity to establish data tracing during safety-critical IoT events. The new security system includes two innovative crypto approaches, zero knowledge proof (ZKP) and blockchains. IoT device anonymity was achieved via the multimode ZKP protocol, while data integrity and protection against sybil and IoT spoofing attacks were maintained via blockchains. Our threat analysis models showed that data modification and data injection attacks are not feasible. Probabilistic modeling of an IoT spoofing attack was performed in this paper, and the results show that our security system provides high resiliency against such attacks, with a probability approaching 1.
【Keywords】Blockchains; Servers; Security; Medical services; Data privacy; Authentication; Internet of Things; Anonymity; blockchain; IoT; sybil attacks; ZKP
【Abstract】In vehicular edge computing networks, electric vehicles can get charging services from edge servers through some road-side charging stations. Several recent studies have investigated how to deal with security requirements in these communications. Nevertheless, simultaneous provision of security and lightness, which is crucial for resource-constrained vehicles, is still an open issue. More critically, the anonymity from the perspective of honest-but-curious edge nodes has not yet been addressed. Thus, this paper proposes a novel ultra-lightweight framework for the secure and anonymous communications of vehicles during their charging reception by means of blockchain. Thanks to the blockchain technology, the accountability of electric vehicle possessors is guaranteed. The proposed scheme has been validated in terms of security metrics and also implemented on two ARM-based platforms, one 32-bit ARM microcontroller and one 64-bit ARM processor. Further, its blockchain part has been deployed on a Hyperledger Fabric network. The obtained results besides the comparison with well-respected similar schemes acknowledge the usefulness and practicability of the presented scheme.
【Abstract】The 5G communication technology and edge computing jointly form 5G Edge and eliminate the constraints of Internet-of-Medical Things (IoMT) devices to facilitate several real-time healthcare services, including patient monitoring and diagnoses from anywhere. Nevertheless, the 5G Edge platform introduces risks of internal attacks to the data integrity and privacy of IoMT data. Hence, end users cannot trust data retrieved from the 5G Edge. This paper proposes a privacy-preserving search result certification framework for IoMT data on 5G and edge computing-assisted blockchain networks. The novelty of this paper is twofold. First, the proposed framework introduces a blockchain platform involving 5G Edge servers to ensure tamperproof data storage. In addition, an encrypted data storage model and a symmetric-key cryptography-based privacy-preserving search mechanism are developed for the 5G Edge blockchain. Second, the framework leverages an efficient multi-signature scheme to design a tamperproof search result certification mechanism for IoMT data on the blockchain of 5G Edge. Several experiments are conducted to evaluate the performance of the proposed framework.
【Keywords】Internet of Medical Things; IoMT data privacy; Smart medical systems; Blockchain; Privacy-preserving search; IoMT data integrity; Search result certification; Query result verification; Verifiable query; Multi-signature
【Abstract】Breast cancer is the most widely recognized malignancy affecting women. The risk of death has been consistently associated with breast cancer. In addition, the cyber-physical system (CPS) is the processing and data transfer of physical processes. This study presents a safe, intrusive, blockchain-based data transfer using the CPS classification model in the health industry to overcome the problem. Considering the challenges in breast tumor classification, this paper accords a reasonable arrangement to examine the mammogram image to discover the detection and classification of various stages of cancer. The breast cancer detection images obtained from the mammogram were processed and experimentally evaluated for parameters such as a sensitivity of 90%, a specificity of 98%, and a classification accuracy of 98%. The results of the ensemble convolution neural network (E-CNN) classifier, such as VGG-16 and Inception-v3, which separates ordinary and unusual cases from the applied advanced mammographic image, will be projected by comparing the two existing methods.
【Abstract】The smart healthcare system has improved the patients' quality of life (QoL), where the records are being analyzed remotely by distributed stakeholders. It requires a voluminous exchange of data for disease prediction via the open communication channel, i.e., the Internet to train artificial intelligence (AI) models efficiently and effectively. The open nature of communication channels puts data privacy at high risk and affects the model training of collected data at centralized servers. To overcome this, an emerging concept, i.e., federated learning (FL) is a viable solution. It performs training at client nodes and aggregates their results to train the global model. The concept of local training preserves the privacy, confidentiality, and integrity of the patient's data which contributes effectively to the training process. The applicability of FL in the healthcare domain has various advantages, but it has not been explored to its extent. The existing surveys majorly focused on the role of FL in diverse applications, but there exists no detailed or comprehensive survey on FL in healthcare informatics (HI). We present a relative comparison of recent surveys with the proposed survey. To strengthen healthcare data privacy and increase the QoL of patients, we proposed an FL-based layered healthcare informatics architecture along with the case study on FL-based electronic health records (FL-EHR). We discuss the emerging FL models, and present the statistical and security challenges in FL adoption in medical setups. Thus, the review presents useful insights for both academia and healthcare practitioners to investigate FL application in HI ecosystems.
【Abstract】Self-Sovereign Identity (SSI) is a novel and emerging, decentralized digital identity approach that enables entities to control and manage their digital identifiers and associated identity data while enhancing trust, privacy, security, and the many other properties identified and analyzed in this paper. The paper provides an overview and classification of the SSI properties, focusing on an in-depth analysis, furthermore, presenting a comprehensive collection of SSI properties that are important for the implementation of the SSI system. In addition, it explores the general SSI process flow, and highlights the steps in which individual properties are important. After the initial purification and classification phase, we then validated properties among experts in the field of Decentralized and Self-Sovereign Identity Management using an online questionnaire, which resulted in a final set of classified and verified SSI properties. The results can be used for further work on definition and standardization of the SSI field.
【Abstract】In a world where organisations are embracing new IT working models such as Bring Your Own Device (BYOD) and remote working, the traditional mindset of defending the network perimeter is no longer sufficient. Zero Trust Architecture (ZTA) has recently emerged as a new security model in which the breach mindset dominates the threat model. By default, the ZTA considers any endpoint (i.e., device), user, or application to be untrusted until proven otherwise. Nonetheless, once proven by the endpoint, using Advanced Persistent Threats (APT), attackers can still take over an authenticated and authorised session via that endpoint. Therefore, they can perform several user/device centric malicious activities in addition to lateral movement rendering the endpoint the Achilles heel of ZTA. To effectively deter APT attack capabilities on the endpoints, this work proposes a Blockchain-enabled Intrusion Detection and Prevention System (BIDPS) that augments ZTA onto endpoints. The BIDPS aims to achieve two core outcomes: first, detect and prevent attackers' techniques and tactics as per MITRE's ATT&CK enterprise matrix earlier than the lateral movement stage, and secondly, strip trust out of the endpoint itself and place it on-chain, thus creating an immutable system of explicit trust. To evaluate the effectiveness of the BIDPS, a testbed was built where techniques of over ten APTs attacks were launched against the endpoint. BIDPS has a high rate of success defending against the launched attacks owing to its Blockchain's immutability, fortifying the detection/prevention processes.
【Abstract】In LEO (Low Earth Orbit) satellite communication systems, the satellite network is made up of a large number of satellites, the dynamically changing network environment affects the results of distributed computing. In order to improve the fault tolerance rate, a novel public blockchain consensus mechanism that applies a distributed computing architecture in a public network is proposed. Redundant calculation of blockchain ensures the credibility of the results; and the transactions with calculation results of a task are stored distributed in sequence in Directed Acyclic Graphs (DAG). The transactions issued by nodes are connected to form a net. The net can quickly provide node reputation evaluation that does not rely on third parties. Simulations show that our proposed blockchain has the following advantages: 1. The task processing speed of the blockchain can be close to that of the fastest node in the entire blockchain; 2. When the tasks' arrival time intervals and demanded working nodes (WNs) meet certain conditions, the network can tolerate more than 50% of malicious devices; 3. No matter the number of nodes in the blockchain is increased or reduced, the network can keep robustness by adjusting the task's arrival time interval and demanded WNs.
【Abstract】With the deepening of globalization and the improvement of the fineness of production division and cooperation, various forms of suppliers coexist, and the supply chain network becomes complex and fragmented. Traditional supply chain management mode and purchasing mechanism cannot respond to the changes of the times in time, and enterprises and suppliers cannot connect. As a new type of financial service, supply chain finance plays an important role in solving the financing difficulties and expensive problems of SMEs. However, in recent years, traditional supply chain finance has encountered many problems, and it has gradually become a trend to empower traditional supply chain finance with blockchain technology. This paper proposes a blockchain supply chain financing risk assessment and behavior prediction algorithm. By analyzing the development status of supply chain business, it puts forward corresponding preventive measures to effectively improve the efficiency of supply chain financing. Firstly, the paper puts forward the double-chain management system and constructs the double-chain management architecture and operation flow; Thirdly, the weighting method of enterprise financing risk evaluation index based on variance homogeneity test is put forward to explain; Finally, five enterprises are tested on the data set, and the performance of TPR, FPR, Precision, Recall, F-Measure, and Accuracy is compared. Different enterprises have the problem of supply chain financing risk.
【Abstract】The development of Internet technology provides a lot of convenience for the promotion of smart agriculture. At present, smart agriculture has gradually realized unmanned and automatic management, which can realize monitoring, supervision, and real-time image monitoring. However, the data in smart agriculture system cannot be guaranteed to be complete and vulnerable to attack. Based on this, this paper studies and analyzes the application of edge computing and blockchain in smart agriculture systems. Based on the simple analysis of the development of smart agriculture, the edge computing framework and the advantages of blockchain are used to build the framework system of smart agriculture. The classical architecture of edge computing and the confidentiality of blockchain are used to realize the analysis and storage of data. In view of the shortcomings of crop image overlap detection, it is proposed to detect the overlapping area and determine the feature points to analyze the image based on the edge computing and hash algorithm. In terms of data integrity, based on the advantages of blockchain, an edge data detection method based on short signature is proposed, and experiments are designed to analyze the accuracy and effectiveness of the algorithm. The simulation results show that the image mosaic algorithm can extract the contour information of the image and realize the fast image matching. The edge data integrity calculation based on short signature can meet the requirements and shorten the response time.
【Abstract】Online crowdfunding, an innovative model based on "Internet + Finance", is a hot spot for financing via Internet. Crowdfunding based on blockchain is an emerging economic phenomenon and becomes one of the most advanced risk financing strategies. However, crowdfunding transactions face security threats due to identity leaks, quantum attacks and the untraceable nature of blind signatures, which facilitate criminal activity. Different from the previous works, which ignored the importance of traceability, in this paper, we establish a blockchain-empowered secure crowdfunding architecture and propose an anti-quantum partially blind signature algorithm based on the verifiable identity of both sides. Specially, for one thing, the private key decided by user identity is generated by lattice-based sample matrix, and the privacy of user identity can be ensured and traced by the rejection sampling theorem. For another thing, we design an improved krill herd algorithm (IKHA) to increase the credit factor of fundraisers for dealing with project investment issues. The simulation evaluates the correctness and effectiveness of our theoretical analyses. Compared with the current popular schemes, the proposed IKH algorithm has a higher convergence speed and can optimize investment efficiency.
【Abstract】In order to improve the transportation effect of the autonomous transportation logistics system, this paper combines the Internet of Things and blockchain technology to construct an intelligent logistics system, and establishes the principle of deterministic deviation compensation based on the two-point method. Moreover, this paper calculates two deterministic deviations through the known coordinates of the starting and ending points and compensates them into the heading angle and pitch angle measured by the inertial navigation system respectively. Further, this paper uses the basic formula of dead reckoning to calculate the trajectory after compensation to achieve the effect of improving positioning accuracy. Finally, this paper constructs an autonomous transportation intelligent logistics system based on the Internet of Things and blockchain technology. The experimental research results show that the simulation effect of the autonomous transportation intelligent logistics system based on the Internet of Things and blockchain technology is very good.
【Abstract】Mobile edge computing (MEC) technology with storage and computing capabilities and deployed at the edge of the network, is widely used to solve the problems of high bandwidth, low latency and high mobility for the Internet of vehicles (IoV). Edge computing servers are generally deployed on road side unit (RSU). However, since the vehicles need to share data and collaborate on computations through RSUs, RSUs may be attacked by malicious vehicles which take up RSU resources or gain control of RSU. Therefore, a trust management system needs to be designed to build a secure and trustworthy MEC data-sharing environment in IoV. Most of the previous studies have centralized authentication of vehicle identity through certificate authority (CA), which has the risk of privacy leakage. In addition, in the previously proposed blockchain-based distributed trust management schemes, the consensus mechanism consumes huge resources. Therefore, this paper proposes an autonomous and controllable distributed authentication scheme based on decentralized identifier (DID) to ensure the credibility of the vehicle's identity, and a novel proof-of-reputation consensus mechanism based on blockchain to enhance trust management for RSU. And this paper considers the capability and reputation value of RSU and uses the deep reinforcement learning algorithm to adjust the assignment of verification nodes, block size and block interval in order to maximize the transaction throughput and improve system scalability and efficiency. The experiment shows that our scheme has good results for building a trusted data sharing system for vehicular networks.