In the competitive retail industry of the digital era, data-driven insights into gender-specific customer behavior are essential. They support the optimization of store performance, layout design, product placement, and targeted marketing. However, existing computer vision solutions often rely on facial recognition to gather such insights, raising significant privacy and ethical concerns. To address these issues, this paper presents a privacy-preserving customer analytics system built on two key strategies. First, we deploy a deep learning framework using YOLOv9s, trained on the RCA-TVGender dataset. Cameras are positioned perpendicular to the observation areas to reduce facial visibility while maintaining accurate gender classification. Second, we apply AES-128 encryption to customer position data to ensure secure access and regulatory compliance. The system achieved 81.5% mAP@50, 77.7% precision, and 75.7% recall. Moreover, a 90-minute observational study confirmed the system's ability to generate privacy-protected heatmaps revealing distinct behavioral patterns between male and female customers; for instance, women spent more time in certain areas and showed interest in different products. These results confirm the system's effectiveness in enabling personalized layout and marketing strategies without compromising privacy.
With the rapid development of the Artificial Intelligence of Things (AIoT), convolutional neural networks (CNNs) have demonstrated remarkable performance in AIoT applications thanks to their strength in a wide range of inference tasks. However, users are concerned about privacy leakage when AI is used and about the performance and efficiency of computation on resource-constrained IoT edge devices. This paper therefore proposes an efficient privacy-preserving CNN framework (EPPA) based on a Fully Homomorphic Encryption (FHE) scheme for AIoT application scenarios. In the plaintext domain, we evaluate schemes with different activation structures to determine the activation functions that are actually usable in the corresponding ciphertext domain. Within the encrypted domain, we integrate batch normalization (BN) into the convolutional layers to simplify the computation. For nonlinear activation functions, we use composite polynomials for approximate evaluation. To handle the noise accumulated by homomorphic multiplications, we refresh ciphertext noise through a minimal number of "decryption-encryption" interactions instead of bootstrapping. In addition, in the practical implementation we convert three-dimensional convolution into two-dimensional convolution to reduce the amount of computation in the encrypted domain. Finally, we conduct extensive experiments on four IoT datasets, different CNN architectures, and two platforms with different resource configurations to evaluate the performance of EPPA in detail.
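The BN folding and polynomial-activation steps described above, as an added worked example that is not the paper's code: a 1-D convolution (constructed for brevity; the per-channel folding identity is the same for 2-D and 3-D kernels) has inference-mode batch normalization folded into its weights and bias, and ReLU is replaced by a least-squares polynomial fitted on an assumed input range [-1, 1]. The function names, the sample tensor and the range are assumptions; in the ciphertext domain only the resulting additions and multiplications would be evaluated.

```python
"""Make a conv -> BN -> ReLU block FHE-friendly: fold BN into the conv and swap
ReLU for a low-degree polynomial, leaving only + and *.  Pure Python, no numpy.
Everything here is a constructed illustration, not the EPPA implementation."""
import math

def conv1d(x, w, b):
    """'Valid' 1-D cross-correlation of x with kernel w, plus bias b."""
    k = len(w)
    return [sum(w[j] * x[i + j] for j in range(k)) + b for i in range(len(x) - k + 1)]

def batchnorm(y, gamma, beta, mean, var, eps=1e-5):
    """Inference-mode BN with running statistics frozen."""
    s = gamma / math.sqrt(var + eps)
    return [s * (v - mean) + beta for v in y]

def fold_bn_into_conv(w, b, gamma, beta, mean, var, eps=1e-5):
    """Return (w', b') with conv1d(x, w', b') == batchnorm(conv1d(x, w, b)) for all x,
    so the BN layer disappears and costs nothing in the ciphertext domain."""
    s = gamma / math.sqrt(var + eps)
    return [s * wi for wi in w], s * (b - mean) + beta

def relu(v):
    return v if v > 0.0 else 0.0

def fit_poly_relu(degree, lo, hi, samples=2001):
    """Least-squares polynomial approximation of ReLU on [lo, hi], coefficients low -> high,
    via the normal equations solved by Gauss-Jordan elimination (tiny system)."""
    xs = [lo + (hi - lo) * i / (samples - 1) for i in range(samples)]
    n = degree + 1
    ata = [[sum(x ** (i + j) for x in xs) for j in range(n)] for i in range(n)]
    aty = [sum(x ** i * relu(x) for x in xs) for i in range(n)]
    m = [ata[i] + [aty[i]] for i in range(n)]          # augmented matrix
    for col in range(n):
        piv = max(range(col, n), key=lambda r: abs(m[r][col]))
        m[col], m[piv] = m[piv], m[col]
        for r in range(n):
            if r != col:
                f = m[r][col] / m[col][col]
                m[r] = [a - f * c for a, c in zip(m[r], m[col])]
    return [m[i][n] / m[i][i] for i in range(n)]

def poly_eval(coeffs, v):
    """Horner's rule: additions and multiplications only, the operations FHE offers
    on ciphertexts.  A degree-d polynomial consumes d sequential multiplications here."""
    acc = 0.0
    for c in reversed(coeffs):
        acc = acc * v + c
    return acc

def approx_error(coeffs, lo, hi, steps=201):
    """Max |poly - ReLU| on an evaluation grid over [lo, hi]."""
    grid = [lo + (hi - lo) * i / (steps - 1) for i in range(steps)]
    return max(abs(poly_eval(coeffs, t) - relu(t)) for t in grid)

def max_abs_diff(a, b):
    return max(abs(p - q) for p, q in zip(a, b))

def he_friendly_layer(x, w, b, bn_params, act_coeffs):
    """conv -> BN -> ReLU rewritten as folded-conv -> polynomial: + and * only."""
    w2, b2 = fold_bn_into_conv(w, b, *bn_params)
    return [poly_eval(act_coeffs, v) for v in conv1d(x, w2, b2)]

if __name__ == "__main__":
    x = [0.3, -1.2, 0.7, 2.0, -0.4, 1.1]                   # constructed input
    w, b, bn = [0.5, -0.25, 1.0], 0.1, (1.5, -0.2, 0.4, 2.0)  # constructed weights and BN stats
    w2, b2 = fold_bn_into_conv(w, b, *bn)
    print("fold error:", max_abs_diff(conv1d(x, w2, b2), batchnorm(conv1d(x, w, b), *bn)))
    for d in (2, 4):
        print("degree", d, "max ReLU error on [-1,1]:", approx_error(fit_poly_relu(d, -1.0, 1.0), -1.0, 1.0))
```

The folded layer is the same linear map to floating-point precision, so nothing is lost there; the polynomial is where accuracy goes, and its degree sets the multiplicative depth consumed per activation, which is the quantity behind the noise accumulation the abstract addresses with its decrypt-and-re-encrypt refresh. Fitting on the range the pre-activations actually occupy matters: the least-squares error grows quickly outside the fitted interval.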
Privacy-Preserving Computation (PPC) comprises the techniques, schemes and protocols that ensure privacy and confidentiality in secure computation and data analysis. Most current PPC techniques rely on the hardness of cryptographic problems that quantum computers are expected to solve efficiently in the near future. This review explores how PPC can be built on top of quantum computing itself to mitigate these future threats. We analyze quantum proposals for Secure Multi-party Computation, Oblivious Transfer and Homomorphic Encryption from the last decade, focusing on their maturity and the challenges they currently face. Our findings show a strong focus on purely theoretical work, but a rise in experimental consideration of these techniques over the last 5 years. The applicability of these techniques to actual use cases is an underexplored aspect whose study could lead to a practical assessment of them.
The rapid proliferation of Internet of Things (IoT) devices has heightened security concerns, making intrusion detection a pivotal challenge in safeguarding these networks. Traditional centralized Intrusion Detection Systems (IDS) often fail to meet the privacy requirements and scalability demands of large-scale IoT ecosystems. To address these challenges, we propose a privacy-preserving approach that leverages Federated Learning (FL) for distributed intrusion detection. Our model eliminates the need to aggregate sensitive data on a central server by training locally on IoT devices and sharing only encrypted model updates, improving privacy and scalability without compromising detection accuracy. Key contributions include the integration of deep learning techniques for real-time threat detection with minimal latency and a model that strengthens the system's resilience against diverse cyber-attacks such as Distributed Denial of Service (DDoS) and malware injection. Our evaluation on three benchmark IoT datasets shows 92.78% accuracy on NSL-KDD, 91.47% on BoT-IoT, and 92.05% on UNSW-NB15; precision, recall, and F1-scores on all datasets consistently exceed 91%. Communication overhead was reduced to 85 MB for NSL-KDD, 105 MB for BoT-IoT, and 95 MB for UNSW-NB15, substantially lower than traditional centralized IDS approaches. The study contributes a scalable, secure, and privacy-preserving solution tailored to the characteristics of IoT environments. The proposed framework is adaptable to dynamic and heterogeneous settings, with potential applications extending to other privacy-sensitive domains. Future work will focus on enhancing the system's efficiency and addressing emerging challenges such as model poisoning attacks in federated environments.
Federated learning (FL) is a distributed machine learning paradigm that excels at preserving data privacy when data from multiple parties is used. Combined with fog computing, FL offers enhanced capabilities for machine learning applications in the Internet of Things (IoT). However, implementing FL across large-scale distributed fog networks presents significant challenges in maintaining privacy, preventing collusion attacks, and ensuring robust data aggregation. To address these challenges, we propose an Efficient Privacy-preserving and Robust Federated Learning (EPRFL) scheme for fog computing scenarios. Specifically, we first propose an efficient secure aggregation strategy based on an improved threshold homomorphic encryption algorithm, which is not only resistant to model inference and collusion attacks but also robust to fog node dropout. Then, we design a dynamic gradient filtering method based on cosine similarity to further reduce communication overhead. To minimize training delays, we develop a dynamic task scheduling strategy based on a comprehensive score. Theoretical analysis shows that EPRFL offers robust security and low latency. Extensive experimental results indicate that EPRFL outperforms similar strategies in privacy preservation, model performance, and resource efficiency.
Federated Learning (FL) has emerged as a promising distributed machine learning paradigm that enables multi-party collaborative training without sharing raw data. However, its reliance on a server introduces critical security vulnerabilities: a malicious server can infer private information from the local model updates it receives or deliberately manipulate the aggregation result. Achieving verifiable aggregation without compromising client privacy therefore remains a critical challenge. To address these problems, we propose a reversible data hiding in encrypted domains (RDHED) scheme with a joint secret-message embedding and extraction mechanism. It enables clients to embed secret messages into the ciphertext redundancy created during model encryption. During server-side aggregation, the messages embedded by all clients fuse within the ciphertext space into a joint embedded message. Clients can then decrypt the aggregated result and extract this joint message for verification. Building on this foundation, we combine the RDHED scheme with a linear homomorphic hash and digital signatures to design a verifiable privacy-preserving aggregation protocol for single-server architectures (VPAFL). Theoretical proofs and experimental analyses show that VPAFL effectively protects user privacy, keeps users' computational and communication overhead for verification lightweight, and shows growing advantages as the model dimension increases.
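The linear homomorphic hash that the protocol above builds on, as an added example of the verification primitive rather than the VPAFL protocol or its RDHED embedding: H(v) = prod_i g_i^{v_i} mod p satisfies H(u + v) = H(u) * H(v), so each client publishes H(update) once and the server's claimed sum can be checked against the product of the published hashes. The 61-bit prime field, the seeded bases and the integer-quantised updates are constructed for the demonstration.

```python
"""Linearly homomorphic hash (LHH) check on a server-side aggregate.  Constructed
illustration; the field size is a toy parameter (a real deployment would use a
prime-order group of ~256 bits, e.g. an elliptic curve), not a production setting."""
import hashlib

P = (1 << 61) - 1          # Mersenne prime 2^61 - 1; toy modulus
Q = P - 1                  # order of the multiplicative group: g^Q = 1, so
                           # a negative entry v is hashed as g^(v mod Q) = g^v

def public_bases(dim, seed=b"lhh-demo"):
    """One public base per model coordinate, derived by hashing a public seed."""
    bases = []
    for i in range(dim):
        h = hashlib.sha256(seed + i.to_bytes(4, "big")).digest()
        bases.append(2 + int.from_bytes(h, "big") % (P - 3))   # lands in [2, P-2]
    return bases

def lhh(vec, bases):
    """H(vec) = prod g_i^{v_i} mod P; linear in vec by construction."""
    acc = 1
    for g, v in zip(bases, vec):
        acc = acc * pow(g, v % Q, P) % P
    return acc

def combine(hashes):
    """Product of per-client hashes == hash of the coordinate-wise sum of their vectors."""
    acc = 1
    for h in hashes:
        acc = acc * h % P
    return acc

def aggregate(updates):
    """What an honest server computes: the coordinate-wise sum of integer updates."""
    return [sum(col) for col in zip(*updates)]

def verify_aggregate(claimed_sum, published_hashes, bases):
    """Client-side check: rehash the claimed sum and compare with the published product."""
    return lhh(claimed_sum, bases) == combine(published_hashes)

if __name__ == "__main__":
    bases = public_bases(3)
    updates = [[1, -2, 3], [4, 5, -6], [0, 1, 1]]        # constructed quantised updates
    hashes = [lhh(u, bases) for u in updates]            # each client publishes its hash
    honest = aggregate(updates)
    print("honest aggregate verifies:", verify_aggregate(honest, hashes, bases))
    print("tampered coordinate verifies:", verify_aggregate([5, 4, -1], hashes, bases))
    print("dropped client verifies:", verify_aggregate(aggregate(updates[:2]), hashes, bases))
```

The check catches a server that alters, drops or duplicates updates, but the hashes are public, so it provides integrity only: binding each published hash to its client is the job of the digital signatures the abstract mentions, and privacy of the update itself comes from the encryption, not from the hash.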
As the demand for cross-departmental data collaboration continues to grow, traditional encryption methods struggle to balance data privacy with computational efficiency. This paper proposes a cross-departmental privacy-preserving computation framework based on BFV homomorphic encryption, threshold decryption, and blockchain technology. The scheme uses homomorphic encryption to enable secure computation between sales, finance, and taxation departments, so that sensitive data remains encrypted throughout the entire process. A threshold decryption mechanism prevents single-point data leakage, while blockchain and IPFS are integrated to provide verifiability and tamper-proof storage of computation results. Experimental results with 5,000 sample data entries show that the framework performs efficiently and scales well in key stages such as sales encryption, cost calculation, and tax assessment, validating its practical feasibility and security.
With the development of the Internet of Things (IoT), the delay caused by network transmission has led to low data processing efficiency. At the same time, the limited computing power and energy budget of IoT terminal devices are major bottlenecks restricting the application of blockchain, which edge computing can alleviate. Edge computing can effectively reduce data transmission delay and improve data processing capacity. However, user data in edge computing is usually stored and processed by honest-but-curious authorized entities, which leads to leakage of users' private information. To solve these problems, this paper proposes a location data collection method that satisfies local differential privacy to protect users' privacy. A Voronoi diagram constructed by the Delaunay method is used to partition the road network space and determine the Voronoi grid region in which each edge node is located. A random perturbation mechanism that satisfies local differential privacy perturbs the original location data within each Voronoi grid. The effectiveness of the proposed privacy-preserving mechanism is verified through comparative experiments. Compared with existing privacy-preserving methods, the proposed mechanism not only better meets users' privacy needs but also offers higher data availability.
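The local-DP perturbation step above, as an added illustration rather than the paper's own mechanism: k-ary randomized response over the ids of the grid regions, run on the device, together with the unbiased count estimator the collecting edge node would run. The cell ids, epsilon and population are constructed; the Voronoi partition is abstracted to k labelled cells.

```python
"""k-ary randomized response (k-RR), an epsilon-LDP mechanism, applied to a location's
grid-cell id, plus the collector-side unbiased frequency estimator.  Constructed example."""
import math
import random

def krr_probabilities(k, eps):
    """p = P[report the true cell], q = P[report one specific other cell]; p/q = e^eps."""
    e = math.exp(eps)
    return e / (e + k - 1), 1.0 / (e + k - 1)

def perturb_cell(true_cell, k, eps, rng):
    """Device side: keep the true cell with probability p, else a uniform other cell.
    The edge node only ever receives the output of this function."""
    p, _ = krr_probabilities(k, eps)
    if rng.random() < p:
        return true_cell
    other = rng.randrange(k - 1)
    return other if other < true_cell else other + 1

def estimate_counts(reports, k, eps):
    """Collector side (honest-but-curious is fine: it sees only perturbed ids).
    E[observed_c] = n*q + f_c*(p - q), so f_c = (observed_c - n*q) / (p - q)."""
    p, q = krr_probabilities(k, eps)
    n = len(reports)
    observed = [0] * k
    for r in reports:
        observed[r] += 1
    return [(o - n * q) / (p - q) for o in observed]

def privacy_ratio(k, eps):
    """Worst-case P[report | cell a] / P[report | cell b]; equals e^eps for k-RR."""
    p, q = krr_probabilities(k, eps)
    return p / q

def simulate(true_counts, eps, seed=1):
    """Generate one perturbed report per user from known per-cell populations and
    return the collector's estimate; deterministic for a given seed."""
    rng = random.Random(seed)
    k = len(true_counts)
    reports = [perturb_cell(cell, k, eps, rng)
               for cell, count in enumerate(true_counts) for _ in range(count)]
    return estimate_counts(reports, k, eps)

if __name__ == "__main__":
    truth = [8000, 6000, 4000, 2000]       # constructed per-cell populations
    eps = math.log(3)                      # p/q = 3: any report is at most 3x likelier from one cell than another
    print("privacy ratio:", privacy_ratio(4, eps))
    print("estimate:", [round(v) for v in simulate(truth, eps)])
```

The estimate is unbiased but noisy; its standard deviation scales with sqrt(n)/(p - q), so a smaller epsilon or more cells k buys privacy at the cost of needing more reports per cell before the heat-map is usable. The estimator's outputs always sum to n, but individual cells can come out negative on small populations; clipping to zero is a common post-processing step that does not affect the privacy guarantee.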
Advanced cloud computing technology provides cost savings and flexible services for users. With the explosion of multimedia data, more and more data owners outsource their personal multimedia data to the cloud, and some computationally expensive tasks are likewise undertaken by cloud servers. However, outsourced multimedia data and its applications may reveal the data owner's private information, because data owners lose control of their data. This concern has aroused new research interest in privacy-preserving reversible data hiding over outsourced multimedia data. In this paper, two reversible data hiding schemes are proposed for encrypted image data in cloud computing: reversible data hiding by homomorphic encryption, in which the additional bits are extracted after decryption, and reversible data hiding in the encrypted domain, in which they are extracted before decryption. A combined scheme is also designed. The resulting privacy-preserving outsourcing scheme for reversible data hiding over encrypted image data not only ensures multimedia data security without relying on the trustworthiness of cloud servers, but also guarantees that reversible data hiding can be performed over encrypted images at different stages. Theoretical analysis confirms the correctness of the proposed encryption model and justifies the security of the scheme. Its computation cost is acceptable and adjusts to different security levels.
Federated learning for edge computing is a promising solution in the data-booming era: it leverages the computation ability of each edge device to train local models and shares only model gradients with the central server. However, the frequently transmitted local gradients can still leak participants' private data. To protect the privacy of local training data, many cryptography-based Privacy-Preserving Federated Learning (PPFL) schemes have been proposed. However, because mobile devices are resource-constrained and the cryptographic operations are complex, traditional PPFL schemes fail to provide efficient data confidentiality and lightweight integrity verification at the same time. To tackle this problem, we propose a Verifiable Privacy-preserving Federated Learning scheme (VPFL) for edge computing systems that prevents local gradients from leaking during transmission. First, we combine the Distributed Selective Stochastic Gradient Descent (DSSGD) method with the Paillier homomorphic cryptosystem to achieve distributed encryption and so reduce the computation cost of the cryptosystem. Second, we present an online/offline signature method for lightweight gradient integrity verification, in which the offline part can be securely outsourced to the edge server. A comprehensive security analysis shows that VPFL achieves data confidentiality, authentication, and integrity. Finally, we evaluate both the communication overhead and the computation cost of VPFL; the experimental results show low computation costs and communication overheads while maintaining high training accuracy.
Numerous privacy-preserving issues have emerged along with the fast development of the Internet, both in theory and in real-life applications. To settle such privacy-preserving problems, secure multi-party computation is essential. In this paper we solve two problems of determining the position relation between points and curves without revealing any private information. Two protocols are proposed to solve the problems under different conditions. In addition, some building blocks, such as a scalar product protocol, are developed so that they can be reused to settle privacy-preserving computational geometry problems, a special class of secure multi-party computation problems. Oblivious transfer and power series expansion also serve as significant parts of our protocols. Analyses and proofs are given to support our conclusions.
With the increasing popularity of cloud computing, privacy has become one of the key problems in cloud security. When data is outsourced to the cloud, data owners need to ensure the security of their private information; cloud service providers need some information about the data in order to provide high-QoS services; and authorized users need access to the true values of the data. Existing privacy-preserving methods cannot meet the needs of all three parties at the same time. To address this issue, we propose a retrievable data perturbation method and apply it to privacy preservation in data outsourcing in cloud computing. Our scheme has four steps. First, an improved random generator is proposed to generate accurate "noise". Next, a perturbation algorithm adds this noise to the original data; the private information is hidden, but the mean and covariance of the data, which the service providers may need, remain unchanged. Then, a retrieval algorithm recovers the original data from the perturbed data. Finally, we combine the retrievable perturbation with the access control process to ensure that only authorized users can retrieve the original data. Experiments show that our scheme perturbs data correctly, efficiently, and securely.
Privacy is a critical requirement in distributed data mining. Cryptography-based secure multiparty computation is a main approach to privacy preservation, but it performs poorly in large-scale distributed systems. Data perturbation techniques are comparatively efficient but are mainly used in centralized privacy-preserving data mining (PPDM). In this paper, we propose a lightweight anonymous data perturbation method for efficient privacy preservation in distributed data mining. We first define the privacy constraints for data-perturbation-based PPDM in a semi-honest distributed environment. Two protocols are proposed to address these constraints and protect the data statistics and the randomization process against collusion attacks: the adaptive privacy-preserving summary protocol and the anonymous exchange protocol. Finally, a distributed data perturbation framework based on these protocols is proposed to realize distributed PPDM. Experimental results show that our approach achieves a high security level and is very efficient in a large-scale distributed environment.
Wireless sensor networks (WSNs) consist of a large number of sensor nodes with limited power, computation, storage, sensing and communication capabilities. Data aggregation is a very important technique designed to substantially reduce the communication overhead and energy expenditure of sensor nodes during data collection in a WSN. However, privacy preservation is especially challenging in data aggregation, where aggregators must perform aggregation operations on the sensed data they receive. We present a state-of-the-art survey of privacy-preserving data aggregation in WSNs. First, we classify existing privacy-preserving data aggregation schemes into categories by the core privacy-preserving technique each scheme uses. We then compare and contrast the different algorithms on performance measures such as privacy protection ability, communication consumption, power consumption and data accuracy. Furthermore, based on the existing work, we discuss a number of open issues that may interest researchers in future work.
The Internet of Things (IoT) paradigm serves as a pervasive resource access and sharing platform for different real-time applications. Decentralized resource availability, access, and allocation provide a better quality of user experience regardless of the application type and scenario. However, privacy remains an open issue in this ubiquitous sharing platform because of the massive and replicated data available. In this paper, privacy-preserving decision-making for a data-sharing scheme is introduced. The scheme improves the security of data sharing without the impact of replicated resources on communicating users. Classification learning is used to identify replicas and to access granted resources independently. Based on the trust score of the available resources, this classification is performed recurrently to improve the reliability of information sharing. User-level decisions on information sharing and access are made using the classification of the resources at the time of availability. The proposed scheme is verified using the metrics of access delay, success ratio, computation complexity, and sharing loss.
As an essential component of intelligent transportation systems (ITS), electric vehicles (EVs) can store large amounts of electric power in their batteries and send power back to a charging station (CS) at peak hours to balance the power supply and generate profit. However, when the system collects the corresponding power data, several severe security and privacy issues arise: identities and private injection data may be maliciously intercepted and tampered with by network attackers to damage the services of the ITS and the smart grid. Existing approaches require high computational overhead, which renders them unsuitable for the resource-constrained Internet of Things (IoT) environment. To address the above problems, this paper proposes a blockchain-enabled secure and privacy-preserving data aggregation scheme for fog-based ITS. First, a fog computing and blockchain co-aware aggregation framework for power injection data is designed, which gives the ITS strong support for secure and efficient power injection. Second, Paillier homomorphic encryption, a batch aggregate signature mechanism and a Bloom filter are integrated for efficient aggregation of power injection data with security and privacy guarantees. In addition, fine-grained homomorphic aggregation is designed for the power injection data generated by all EVs, which provides solid data support for accurate power dispatching and supply management in the ITS. Experiments show that the total computational cost is significantly reduced in the proposed scheme while security and privacy guarantees are maintained. The scheme is therefore well suited to ITS with latency-sensitive applications and to deployment on devices with limited resources.
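Paillier's additive homomorphism, which the VPFL scheme above applies to gradients and the ITS scheme applies to power-injection readings, as an added example of the plain textbook cryptosystem rather than either paper's construction: parties encrypt under the aggregator's public key, the aggregator multiplies ciphertexts to add plaintexts without decrypting, and only the key holder sees the total. The 256-bit key, the fixed-point encoding for signed gradient-like values and the sample inputs are assumptions for the demonstration.

```python
"""Textbook Paillier with additive aggregation.  Constructed demo: the key size is a
toy parameter (use >= 2048-bit n in practice) and the seeded RNG exists only so the
example is reproducible; real keys and blinding factors need a CSPRNG."""
import math
import random

def _is_probable_prime(n, rng, rounds=24):
    """Miller-Rabin with `rounds` random bases."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % sp == 0:
            return n == sp
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def _gen_prime(bits, rng):
    while True:
        cand = rng.getrandbits(bits) | (1 << (bits - 1)) | 1    # exact bit length, odd
        if _is_probable_prime(cand, rng):
            return cand

def _L(u, n):
    return (u - 1) // n

def keygen(bits=256, seed=None):
    """Return (public_key, secret_key) = ((n, g), (n, lambda, mu))."""
    rng = random.Random(seed) if seed is not None else random.SystemRandom()
    while True:
        p, q = _gen_prime(bits // 2, rng), _gen_prime(bits // 2, rng)
        if p != q and math.gcd(p * q, (p - 1) * (q - 1)) == 1:
            break
    n = p * q
    g = n + 1                                       # standard choice of generator
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)
    mu = pow(_L(pow(g, lam, n * n), n), -1, n)
    return (n, g), (n, lam, mu)

def encrypt(pk, m, rng):
    """c = g^m * r^n mod n^2 with a fresh blinding factor r coprime to n."""
    n, g = pk
    n2 = n * n
    while True:
        r = rng.randrange(1, n)
        if math.gcd(r, n) == 1:
            break
    return pow(g, m % n, n2) * pow(r, n, n2) % n2

def decrypt(sk, c):
    n, lam, mu = sk
    return _L(pow(c, lam, n * n), n) * mu % n

def add_encrypted(pk, c1, c2):
    """Homomorphic addition: the product of ciphertexts encrypts the sum of plaintexts."""
    n = pk[0]
    return c1 * c2 % (n * n)

def encode(x, n, scale):
    """Fixed-point encoding of a signed value into Z_n; negatives wrap like two's complement,
    which is correct as long as |sum * scale| stays below n/2."""
    return round(x * scale) % n

def decode(v, n, scale):
    if v > n // 2:
        v -= n
    return v / scale

def secure_sum(pk, sk, values, scale=1000, seed=None):
    """Each party encrypts its own value; the aggregator folds ciphertexts without the
    secret key; the key holder decrypts only the total.  Returns the decoded sum."""
    rng = random.Random(seed) if seed is not None else random.SystemRandom()
    n = pk[0]
    cts = [encrypt(pk, encode(x, n, scale), rng) for x in values]
    agg = cts[0]
    for c in cts[1:]:
        agg = add_encrypted(pk, agg, c)             # no plaintext visible here
    return decode(decrypt(sk, agg), n, scale)

if __name__ == "__main__":
    pk, sk = keygen(256, seed=2024)
    print("gradient sum:", secure_sum(pk, sk, [0.25, -1.5, 3.0], seed=1))      # constructed gradients
    print("injected kWh:", secure_sum(pk, sk, [120, 305, 80], scale=1, seed=2))  # constructed readings
```

Two practical points the abstracts rely on but do not spell out: whoever holds the secret key learns the sum and nothing else, so that role must not coincide with the aggregator that sees individual ciphertexts unless a threshold or split-key variant is used, and the fixed-point scale bounds the precision of the floats being added, so the aggregated sum must stay well inside n/2 to avoid silent wraparound.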
The Internet of Things (IoT) touches all aspects of life, and its application in industry, agriculture, the environment, transportation, logistics, security and other infrastructure has effectively promoted the intelligent development of these areas. Although the IoT has grown steadily in recent years, many problems in technology, management, cost, policy, and security remain to be overcome, and the benefits of trusting IoT products must constantly be weighed against the risk of leaking private data. To avoid the leakage and loss of user data, this paper develops a hybrid algorithm combining a kernel function and a random perturbation method on top of non-negative matrix factorization, which realizes personalized recommendation and solves the problem of protecting users' private data during personalized recommendation. Compared with the non-negative matrix factorization privacy-preserving algorithm, the new algorithm does not need the detailed content of the data, only the relationships between data points, and it can process data points with negative features. Experiments show that the new algorithm produces recommendation results of reasonable accuracy while preserving users' personal privacy.
Clinical decision-support systems are technology-based tools that help healthcare providers enhance the quality of their services to satisfy their patients and earn their trust. These systems are used to improve the speed and accuracy of physicians' diagnostic processes. Using data-mining techniques, a clinical decision-support system builds a classification model from a hospital's dataset to diagnose new patients from their symptoms. In this work, we propose a privacy-preserving clinical decision-support system that uses a privacy-preserving random forest algorithm to diagnose new symptoms without disclosing patients' information or exposing them to cyber and network attacks. Solving the same problem with a different methodology, the simulation results show that the proposed algorithm outperforms previous work by removing unnecessary attributes and avoiding cryptographic algorithms. Moreover, our model is validated against the privacy requirements of the hospitals' datasets and votes, and of patients' diagnosed symptoms.
Medical data mining has become an essential task in the healthcare sector for securing the personal and medical data of patients under a privacy policy. In this setting, several authentication and accessibility issues arise in protecting patients' sensitive details from being published in the open domain. To solve this problem, a Multi Attribute Case based Privacy Preservation (MACPP) technique is proposed in this study to enhance the security of privacy-preserved data. Private information can be any attribute categorized as a sensitive log in a patient's records. The semantic relation between transactional patient records and access rights is estimated from the mean average value to distinguish sensitive from non-sensitive information. In addition, a crypto hidden policy is applied to encrypt the sensitive data through symmetric standard key log verification, which protects personalized sensitive information. Further, linear integrity verification provides authentication rights to verify the data, improves the performance of the privacy-preserving technique against intruders and assures high security in the healthcare setting.
Zero trust architecture is an end-to-end approach to securing server resources and data that comprises identity authentication, access control, dynamic evaluation, and so on. This work focuses on authentication technology in a zero trust network. A Traceable Universal Designated Verifier Signature (TUDVS) is used to construct a privacy-preserving authentication scheme for zero trust architecture. Specifically, when a client requests access to server resources, we want to protect the client's access privacy, meaning that the server administrator cannot disclose the client's access behavior to any third party. The security of the proposed scheme is proved and its efficiency is analyzed. Finally, TUDVS is applied to the single packet authorization scenario of zero trust architecture to demonstrate the practicability of the proposed scheme.
Funding (EPPA, privacy-preserving CNN framework): supported by the Natural Science Foundation of China (No. 62362008) and the Major Scientific and Technological Special Project of Guizhou Province ([2024]014).
Funding: Supported by the Basque Government through the ELKARTEK program for Research and Innovation, under the BRTAQUANTUM project (Grant Agreement No. KK-2022/00041).
Abstract: Privacy-Preserving Computation (PPC) comprises the techniques, schemes and protocols which ensure privacy and confidentiality in the context of secure computation and data analysis. Most of the current PPC techniques rely on the complexity of cryptographic operations, which are expected to be efficiently solved by quantum computers soon. This review explores how PPC can be built on top of quantum computing itself to alleviate these future threats. We analyze quantum proposals for Secure Multi-party Computation, Oblivious Transfer and Homomorphic Encryption from the last decade, focusing on their maturity and the challenges they currently face. Our findings show a strong focus on purely theoretical works, but a rise in the experimental consideration of these techniques in the last 5 years. The applicability of these techniques to actual use cases is an underexplored aspect which could lead to the practical assessment of these techniques.
Funding: Supported and funded by the Deanship of Graduate Studies and Scientific Research at Qassim University (QU-APC-2025).
Abstract: The rapid proliferation of Internet of Things (IoT) devices has heightened security concerns, making intrusion detection a pivotal challenge in safeguarding these networks. Traditional centralized Intrusion Detection Systems (IDS) often fail to meet the privacy requirements and scalability demands of large-scale IoT ecosystems. To address these challenges, we propose an innovative privacy-preserving approach leveraging Federated Learning (FL) for distributed intrusion detection. Our model eliminates the need for aggregating sensitive data on a central server by training locally on IoT devices and sharing only encrypted model updates, ensuring enhanced privacy and scalability without compromising detection accuracy. Key innovations of this research include the integration of advanced deep learning techniques for real-time threat detection with minimal latency and a novel model to fortify the system's resilience against diverse cyber-attacks such as Distributed Denial of Service (DDoS) and malware injections. Our evaluation on three benchmark IoT datasets demonstrates significant improvements: achieving 92.78% accuracy on NSL-KDD, 91.47% on BoT-IoT, and 92.05% on UNSW-NB15. The precision, recall, and F1-scores for all datasets consistently exceed 91%. Furthermore, the communication overhead was reduced to 85 MB for NSL-KDD, 105 MB for BoT-IoT, and 95 MB for UNSW-NB15, substantially lower than traditional centralized IDS approaches. This study contributes to the domain by presenting a scalable, secure, and privacy-preserving solution tailored to the unique characteristics of IoT environments. The proposed framework is adaptable to dynamic and heterogeneous settings, with potential applications extending to other privacy-sensitive domains. Future work will focus on enhancing the system's efficiency and addressing emerging challenges such as model poisoning attacks in federated environments.
Funding: Supported in part by the National Natural Science Foundation of China (62462053), the Science and Technology Foundation of Qinghai Province (2023-ZJ-731), the Open Project of the Qinghai Provincial Key Laboratory of Restoration Ecology in Cold Area (2023-KF-12), and the Open Research Fund of the Guangdong Key Laboratory of Blockchain Security, Guangzhou University.
Abstract: Federated learning (FL) is a distributed machine learning paradigm that excels at preserving data privacy when using data from multiple parties. When combined with Fog Computing, FL offers enhanced capabilities for machine learning applications in the Internet of Things (IoT). However, implementing FL across large-scale distributed fog networks presents significant challenges in maintaining privacy, preventing collusion attacks, and ensuring robust data aggregation. To address these challenges, we propose an Efficient Privacy-preserving and Robust Federated Learning (EPRFL) scheme for fog computing scenarios. Specifically, we first propose an efficient secure aggregation strategy based on an improved threshold homomorphic encryption algorithm, which is not only resistant to model inference and collusion attacks, but also robust to fog node dropout. Then, we design a dynamic gradient filtering method based on cosine similarity to further reduce the communication overhead. To minimize training delays, we develop a dynamic task scheduling strategy based on a comprehensive score. Theoretical analysis demonstrates that EPRFL offers robust security and low latency. Extensive experimental results indicate that EPRFL outperforms similar strategies in terms of privacy preservation, model performance, and resource efficiency.
Funding: Supported in part by the National Natural Science Foundation of China under Grants 62102450 and 62272478, and by the Independent Research Project of a Certain Unit under Grant ZZKY20243127.
Abstract: Federated Learning (FL) has emerged as a promising distributed machine learning paradigm that enables multi-party collaborative training while eliminating the need for raw data sharing. However, its reliance on a server introduces critical security vulnerabilities: malicious servers can infer private information from received local model updates or deliberately manipulate aggregation results. Consequently, achieving verifiable aggregation without compromising client privacy remains a critical challenge. To address these problems, we propose a reversible data hiding in encrypted domains (RDHED) scheme, which designs a joint secret message embedding and extraction mechanism. This approach enables clients to embed secret messages into the ciphertext redundancy spaces generated during model encryption. During the server aggregation process, the embedded messages from all clients fuse within the ciphertext space to form a joint embedding message. Subsequently, clients can decrypt the aggregated results and extract this joint embedding message for verification purposes. Building upon this foundation, we integrate the proposed RDHED scheme with a linear homomorphic hash and digital signatures to design a verifiable privacy-preserving aggregation protocol for single-server architectures (VPAFL). Theoretical proofs and experimental analyses show that VPAFL can effectively protect user privacy, achieve lightweight computational and communication overhead for users during verification, and present significant advantages as the model dimension increases.
Abstract: As the demand for cross-departmental data collaboration continues to grow, traditional encryption methods struggle to balance data privacy with computational efficiency. This paper proposes a cross-departmental privacy-preserving computation framework based on BFV homomorphic encryption, threshold decryption, and blockchain technology. The proposed scheme leverages homomorphic encryption to enable secure computations between sales, finance, and taxation departments, ensuring that sensitive data remains encrypted throughout the entire process. A threshold decryption mechanism is employed to prevent single-point data leakage, while blockchain and IPFS are integrated to ensure verifiability and tamper-proof storage of computation results. Experimental results demonstrate that with 5,000 sample data entries, the framework performs efficiently and is highly scalable in key stages such as sales encryption, cost calculation, and tax assessment, thereby validating its practical feasibility and security.
Abstract: With the development of the Internet of Things (IoT), the delay caused by network transmission has led to low data processing efficiency. At the same time, the limited computing power and available energy of IoT terminal devices are also important bottlenecks that restrict the application of blockchain, but edge computing can solve this problem. The emergence of edge computing can effectively reduce the delay of data transmission and improve data processing capacity. However, user data in edge computing is usually stored and processed by honest-but-curious authorized entities, which leads to the leakage of users' private information. In order to solve these problems, this paper proposes a location data collection method that satisfies local differential privacy to protect users' privacy. In this paper, a Voronoi diagram constructed by the Delaunay method is used to divide the road network space and determine the Voronoi grid region in which each edge node is located. A random disturbance mechanism that satisfies local differential privacy is utilized to disturb the original location data in each Voronoi grid. In addition, the effectiveness of the proposed privacy-preserving mechanism is verified through comparison experiments. Compared with the existing privacy-preserving methods, the proposed privacy-preserving mechanism can not only better meet users' privacy needs, but also provide higher data availability.
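The abstract describes two steps: map a raw location to the Voronoi region of an edge node, then randomize the region before it leaves the device so that the collector only learns an epsilon-LDP report. The block below is an added illustration, not the paper's code. It assigns a point to the Voronoi cell of its nearest site (which is exactly what a Voronoi partition means, so no Delaunay construction is needed for membership), perturbs the cell index with k-ary randomized response, and shows the unbiased count estimator the honest-but-curious collector can still compute. The paper's own disturbance mechanism is not specified in the abstract; k-ary randomized response is a standard stand-in. Edge-node sites and user traffic are constructed.

```python
# Added example, not code from the paper above. Stdlib only.
import math
import random

def voronoi_cell(point, sites):
    """Index of the nearest site == index of the Voronoi region containing point."""
    return min(range(len(sites)),
               key=lambda i: (point[0] - sites[i][0]) ** 2 + (point[1] - sites[i][1]) ** 2)

def krr_probs(k, eps):
    """k-ary randomized response: keep the true cell with probability p,
    report each of the other k-1 cells with probability q."""
    e = math.exp(eps)
    return e / (e + k - 1), 1.0 / (e + k - 1)

def krr_perturb(cell, k, eps, rng):
    """Runs on the device: the collector never sees `cell`, only the return value."""
    p, _ = krr_probs(k, eps)
    if rng.random() < p:
        return cell
    other = rng.randrange(k - 1)          # uniform over the k-1 other cells
    return other if other < cell else other + 1

def sample_reports(cell, k, eps, count, seed):
    """Repeated reports for one true cell (used to sanity-check the mechanism)."""
    rng = random.Random(seed)
    return [krr_perturb(cell, k, eps, rng) for _ in range(count)]

def privacy_ratio(k, eps):
    """max_out Pr[out | cell a] / Pr[out | cell b] = p/q; eps-LDP needs this <= e^eps."""
    p, q = krr_probs(k, eps)
    return p / q

def estimate_counts(reports, k, eps):
    """Unbiased per-cell count estimate from randomized reports:
    E[observed_v] = n*q + true_v*(p - q), so true_v ~ (observed_v - n*q)/(p - q).
    The estimates always sum to n, since sum(observed) = n and 1 - k*q = p - q."""
    p, q = krr_probs(k, eps)
    n = len(reports)
    observed = [0] * k
    for r in reports:
        observed[r] += 1
    return [(o - n * q) / (p - q) for o in observed]

# Constructed edge-node sites on a 3x3 grid; each is a Voronoi generator.
SITES = [(0, 0), (10, 0), (20, 0), (0, 10), (10, 10), (20, 10), (0, 20), (10, 20), (20, 20)]

def simulate(n=20000, eps=2.0, seed=7):
    """Constructed traffic: 60% of users cluster near the central node, the rest
    are spread uniformly. Returns (true per-cell counts, LDP estimates)."""
    rng = random.Random(seed)
    k = len(SITES)
    true_counts = [0] * k
    reports = []
    for _ in range(n):
        if rng.random() < 0.6:
            loc = (10 + rng.gauss(0, 2.5), 10 + rng.gauss(0, 2.5))
        else:
            loc = (rng.uniform(-5, 25), rng.uniform(-5, 25))
        cell = voronoi_cell(loc, SITES)
        true_counts[cell] += 1
        reports.append(krr_perturb(cell, k, eps, rng))   # only this leaves the device
    return true_counts, estimate_counts(reports, k, eps)

if __name__ == "__main__":
    print("privacy ratio p/q =", privacy_ratio(len(SITES), 2.0), "(e^eps =", math.exp(2.0), ")")
    true_counts, est = simulate()
    for i, (t, e) in enumerate(zip(true_counts, est)):
        print(f"cell {i}: true {t:6d}  estimated {e:9.1f}")
```

The estimator's error grows with the number of cells and shrinks with epsilon, so the Voronoi granularity (how many edge nodes) and the privacy budget trade off directly against the "data availability" the abstract measures.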
Funding: This work was supported by the National Natural Science Foundation of China (No. 61702276), the Startup Foundation for Introducing Talent of Nanjing University of Information Science and Technology under Grant 2016r055, and the Priority Academic Program Development (PAPD) of Jiangsu Higher Education Institutions. The authors are grateful to the anonymous reviewers who made constructive comments and improvements.
Abstract: Advanced cloud computing technology provides cost savings and flexibility of services for users. With the explosion of multimedia data, more and more data owners outsource their personal multimedia data to the cloud. In the meantime, some computationally expensive tasks are also undertaken by cloud servers. However, the outsourced multimedia data and its applications may reveal the data owner's private information because the data owners lose control of their data. Recently, this concern has aroused new research interest in privacy-preserving reversible data hiding over outsourced multimedia data. In this paper, two reversible data hiding schemes are proposed for encrypted image data in cloud computing: reversible data hiding by homomorphic encryption and reversible data hiding in the encrypted domain. In the former, the additional bits are extracted after decryption; in the latter, they are extracted before decryption. Meanwhile, a combined scheme is also designed. This paper proposes a privacy-preserving outsourcing scheme for reversible data hiding over encrypted image data in cloud computing, which not only ensures multimedia data security without relying on the trustworthiness of cloud servers, but also guarantees that reversible data hiding can be operated over encrypted images at different stages. Theoretical analysis confirms the correctness of the proposed encryption model and justifies the security of the proposed scheme. The computation cost of the proposed scheme is acceptable and adjusts to different security levels.
Funding: Supported by the National Natural Science Foundation of China (No. 62206238), the Natural Science Foundation of Jiangsu Province (Grant No. BK20220562), and the Natural Science Research Project of Universities in Jiangsu Province (No. 22KJB520010).
Abstract: Federated learning for edge computing is a promising solution in the data booming era, which leverages the computation ability of each edge device to train local models and only shares the model gradients with the central server. However, the frequently transmitted local gradients can also leak the participants' private data. To protect the privacy of local training data, many cryptography-based Privacy-Preserving Federated Learning (PPFL) schemes have been proposed. However, due to the constrained resources of mobile devices and the complexity of cryptographic operations, traditional PPFL schemes fail to provide efficient data confidentiality and lightweight integrity verification simultaneously. To tackle this problem, we propose a Verifiable Privacy-preserving Federated Learning scheme (VPFL) for edge computing systems to prevent local gradients from leaking during the transmission stage. Firstly, we combine the Distributed Selective Stochastic Gradient Descent (DSSGD) method with the Paillier homomorphic cryptosystem to achieve distributed encryption functionality, so as to reduce the computation cost of the complex cryptosystem. Secondly, we further present an online/offline signature method to realize lightweight gradient integrity verification, where the offline part can be securely outsourced to the edge server. Comprehensive security analysis demonstrates that the proposed VPFL achieves data confidentiality, authentication, and integrity. Finally, we evaluate both the communication overhead and the computation cost of the proposed VPFL scheme; the experimental results show that VPFL has low computation costs and communication overheads while maintaining high training accuracy.
Funding: Supported by the National Natural Science Foundation of China (No. 61070189, 60673065) and the National High Technology Development Program (No. 2008AA01Z419).
Abstract: Numerous privacy-preserving issues have emerged along with the fast development of the Internet, both in theory and in real-life applications. To settle privacy-preserving problems, secure multi-party computation is essential and critical. In this paper, we have solved two problems regarding how to determine the position relation between points and curves without revealing any private information. Two protocols have been proposed in order to solve the problems under different conditions. In addition, some building blocks have been developed, such as a scalar product protocol, so that we can take advantage of them to settle privacy-preserving computational geometry problems, which are a special kind of secure multi-party computation problem. Moreover, oblivious transfer and power series expansion serve as significant parts of our protocols. Analyses and proofs have also been given to support our conclusions.
Funding: Supported in part by NSFC under Grant No. 61172090, the National Science and Technology Major Project under Grant 2012ZX03002001, the Research Fund for the Doctoral Program of Higher Education of China under Grant No. 20120201110013, Scientific and Technological Projects in Shaanxi Province under Grants No. 2012K06-30 and No. 2014JQ8322, the Basic Science Research Fund of Xi'an Jiaotong University (No. XJJ2014049, No. XKJC2014008), and the Shaanxi Science and Technology Innovation Project (2013SZS16-Z01/P01/K01).
Abstract: With the increasing popularity of cloud computing, privacy has become one of the key problems in cloud security. When data is outsourced to the cloud, data owners need to ensure the security of their private information; cloud service providers need some information about the data to provide high-QoS services; and authorized users need to access the true values of the data. Existing privacy-preserving methods cannot meet all the needs of the three parties at the same time. To address this issue, we propose a retrievable data perturbation method and use it for privacy preservation in data outsourcing in cloud computing. Our scheme comes in four steps. Firstly, an improved random generator is proposed to generate an accurate "noise". Next, a perturbation algorithm is introduced to add noise to the original data. By doing this, the private information is hidden, but the mean and covariance of the data, which the service providers may need, remain unchanged. Then, a retrieval algorithm is proposed to get the original data back from the perturbed data. Finally, we combine the retrievable perturbation with the access control process to ensure that only authorized users can retrieve the original data. The experiments show that our scheme perturbs data correctly, efficiently, and securely.
Funding: Project supported by the National Natural Science Foundation of China (Nos. 60772098 and 60672068) and the New Century Excellent Talents in University of China (No. NCET-06-0393).
Abstract: Privacy is a critical requirement in distributed data mining. Cryptography-based secure multiparty computation is a main approach for privacy preservation. However, it shows poor performance in large-scale distributed systems. Meanwhile, data perturbation techniques are comparatively efficient but are mainly used in centralized privacy-preserving data mining (PPDM). In this paper, we propose a lightweight anonymous data perturbation method for efficient privacy preservation in distributed data mining. We first define the privacy constraints for data-perturbation-based PPDM in a semi-honest distributed environment. Two protocols are proposed to address these constraints and protect data statistics and the randomization process against collusion attacks: the adaptive privacy-preserving summary protocol and the anonymous exchange protocol. Finally, a distributed data perturbation framework based on these protocols is proposed to realize distributed PPDM. Experimental results show that our approach achieves a high security level and is very efficient in a large-scale distributed environment.
Funding: Supported in part by the National Natural Science Foundation of China (No. 61272084, 61202004), the Natural Science Foundation of Jiangsu Province (No. BK20130096), and the Project of Natural Science Research of Jiangsu University (No. 14KJB520031, No. 11KJA520002).
Abstract: Wireless sensor networks (WSNs) consist of a large number of sensor nodes with limited power, computation, storage, sensing and communication capabilities. Data aggregation is a very important technique, designed to substantially reduce the communication overhead and energy expenditure of sensor nodes during the process of data collection in WSNs. However, privacy preservation is more challenging in data aggregation, where the aggregators need to perform aggregation operations on the sensing data they receive. We present a state-of-the-art survey of privacy-preserving data aggregation in WSNs. First, we classify the existing privacy-preserving data aggregation schemes into different categories by the core privacy-preserving technique used in each scheme. We then compare and contrast the different algorithms on the basis of performance measures such as privacy protection ability, communication consumption, power consumption and data accuracy. Furthermore, based on the existing work, we also discuss a number of open issues which may attract the interest of researchers for future work.
Funding: Supported by the Deanship of Scientific Research (DSR), King Abdulaziz University, Jeddah, under grant No. (DF-203-611-1441).
Abstract: The introduction of the Internet of Things (IoT) paradigm serves as a pervasive resource access and sharing platform for different real-time applications. Decentralized resource availability, access, and allocation provide a better quality of user experience regardless of the application type and scenario. However, privacy remains an open issue in this ubiquitous sharing platform due to massive and replicated data availability. In this paper, privacy-preserving decision-making for a data-sharing scheme is introduced. This scheme is responsible for improving the security of data sharing without the impact of replicated resources on communicating users. In this scheme, classification learning is used for identifying replicas and accessing granted resources independently. Based on the trust score of the available resources, this classification is performed recurrently to improve the reliability of information sharing. The user-level decisions for information sharing and access are made using the classification of the resources at the time of availability. The proposed scheme is verified using the metrics of access delay, success ratio, computation complexity, and sharing loss.
Funding: The authors received funding for this study from the National Natural Science Foundation of China (No. 61971235), the China Postdoctoral Science Foundation (No. 2018M630590), the Jiangsu Planned Projects for Postdoctoral Research Funds (No. 2021K501C), the 333 High-level Talents Training Project of Jiangsu Province, and the 1311 Talents Plan of NJUPT.
Abstract: As an essential component of intelligent transportation systems (ITS), electric vehicles (EVs) can store massive amounts of electric power in their batteries and send power back to a charging station (CS) at peak hours to balance the power supply and generate profits. However, when the system collects the corresponding power data, several severe security and privacy issues are encountered. The identity and private injection data may be maliciously intercepted by network attackers and tampered with to damage the services of ITS and smart grids. Existing approaches requiring high computational overhead are unsuitable for the resource-constrained Internet of Things (IoT) environment. To address the above problems, this paper proposes a blockchain-enabled secure and privacy-preserving data aggregation scheme for fog-based ITS. First, a fog computing and blockchain co-aware aggregation framework for power injection data is designed, which provides strong support for ITS to achieve secure and efficient power injection. Second, Paillier homomorphic encryption, a batch aggregate signature mechanism and a Bloom filter are effectively integrated to achieve efficient aggregation of power injection data with security and privacy guarantees. In addition, fine-grained homomorphic aggregation is designed for the power injection data generated by all EVs, which provides solid data support for accurate power dispatching and supply management in ITS. Experiments show that the total computational cost is significantly reduced in the proposed scheme while providing security and privacy guarantees. The proposed scheme is more suitable for ITS with latency-sensitive applications and is also adapted to deploying devices with limited resources.
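Both the VPFL abstract above (Paillier-encrypted gradients from edge devices) and this EV power-injection scheme rest on the same property: the aggregator multiplies Paillier ciphertexts and obtains an encryption of the sum, so it never sees an individual gradient or meter reading, and only the holder of the private key decrypts the total. The block below is an added toy implementation of that aggregation step, not code from either paper. It is deliberately insecure in one way that is labelled: the primes are small and found deterministically so the block runs instantly offline (real deployments use 2048-bit or larger moduli). The fixed-point encoding of signed real values into Z_n, the client vectors, and the function names are all constructed for this example; the signature, Bloom filter and DSSGD parts of the two schemes are not shown.

```python
# Added example, not code from either paper. Stdlib only (needs Python 3.8+ for pow(x, -1, n)).
import math
import random

def _next_prime(n):
    """Smallest prime >= n, by trial division. TOY KEY SIZE: fine for a demo,
    useless against a real attacker."""
    def is_prime(v):
        if v < 2:
            return False
        return all(v % d for d in range(2, int(v ** 0.5) + 1))
    while not is_prime(n):
        n += 1
    return n

def paillier_keygen(p, q):
    """Returns (public key (n, g), private key (lambda, mu, n)) with g = n + 1."""
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)   # lcm(p-1, q-1)
    assert math.gcd(n, lam) == 1, "p and q must be distinct and of similar size"
    n2 = n * n
    g = n + 1
    mu = pow((pow(g, lam, n2) - 1) // n, -1, n)         # mu = L(g^lambda mod n^2)^-1 mod n
    return (n, g), (lam, mu, n)

def encrypt(pk, m, rng):
    """c = g^m * r^n mod n^2 with fresh random r; the same m gives a different c each time."""
    n, g = pk
    n2 = n * n
    while True:
        r = rng.randrange(1, n)
        if math.gcd(r, n) == 1:
            break
    return (pow(g, m % n, n2) * pow(r, n, n2)) % n2

def add(pk, c1, c2):
    """Homomorphic addition: Dec(c1 * c2 mod n^2) = m1 + m2 mod n. Needs no key."""
    n, _ = pk
    return (c1 * c2) % (n * n)

def decrypt(sk, c):
    """m = L(c^lambda mod n^2) * mu mod n, with L(u) = (u - 1) / n."""
    lam, mu, n = sk
    n2 = n * n
    return (((pow(c, lam, n2) - 1) // n) * mu) % n

SCALE = 1000   # constructed fixed-point scale: 3 decimal places

def encode_fixed(x, n):
    """Signed real -> Z_n; negatives wrap to the top half of the range."""
    return round(x * SCALE) % n

def decode_fixed(m, n):
    """Z_n -> signed real, as long as |sum| * SCALE < n/2."""
    if m > n // 2:
        m -= n
    return m / SCALE

def aggregate(pk, client_vectors, rng):
    """Clients encrypt component-wise; the server multiplies ciphertexts
    component-wise. The server only ever holds ciphertexts."""
    n, _ = pk
    encrypted = [[encrypt(pk, encode_fixed(x, n), rng) for x in vec] for vec in client_vectors]
    agg = encrypted[0]
    for ct in encrypted[1:]:
        agg = [add(pk, a, b) for a, b in zip(agg, ct)]
    return agg

DEMO_RNG = random.Random(2024)   # seeded only so the demo is reproducible

def run_demo(seed=1):
    """Three constructed clients, four-dimensional vectors (gradient entries or
    per-slot injected kWh). Returns (plaintext column sums, decrypted sums)."""
    rng = random.Random(seed)
    pk, sk = paillier_keygen(_next_prime(50000), _next_prime(60000))
    clients = [[0.125, -0.5, 0.75, -1.0],
               [0.25, 0.5, -0.25, 0.0],
               [-0.375, 0.125, 0.5, 0.5]]
    agg = aggregate(pk, clients, rng)
    expected = [sum(col) for col in zip(*clients)]
    decoded = [decode_fixed(decrypt(sk, c), pk[0]) for c in agg]
    return expected, decoded

if __name__ == "__main__":
    expected, decoded = run_demo()
    print("plaintext sums :", expected)
    print("decrypted sums :", decoded)
```

Two caveats the toy makes visible: the aggregator that also holds the private key (a single-server setting) can decrypt any individual ciphertext, which is why VPFL pairs Paillier with distributed encryption and the EV scheme keeps the key away from the fog aggregator; and because the server's product is accepted blindly, a malicious server can drop or duplicate a client's ciphertext without detection, which is the gap the signature and verification mechanisms in both abstracts exist to close.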
Funding: Supported by the National Natural Science Foundation of China under Grant No. 61772280, the China Special Fund for Meteorological Research in the Public Interest under Grant GYHY201306070, and the Jiangsu Province Innovation and Entrepreneurship Training Program for College Students under Grant No. 201910300122Y.
Abstract: The application field of the Internet of Things (IoT) covers all aspects of life, and its application in industry, agriculture, the environment, transportation, logistics, security and other infrastructure has effectively promoted the intelligent development of these areas. Although the IoT has gradually grown in recent years, there are still many problems that need to be overcome in terms of technology, management, cost, policy, and security. We need to constantly weigh the benefits of trusting IoT products against the risk of leaking private data. To avoid the leakage and loss of user data, this paper develops a hybrid algorithm of a kernel function and a random perturbation method based on non-negative matrix factorization, which realizes personalized recommendation and solves the problem of protecting users' private data in the process of personalized recommendation. Compared to the non-negative matrix factorization privacy-preserving algorithm, the new algorithm does not need to know the detailed information of the data, only the connections between data points, and it can process data points with negative characteristics. Experiments show that the new algorithm can produce recommendation results with a certain accuracy while preserving users' personal privacy.
Abstract: Clinical decision-support systems are technology-based tools that help healthcare providers enhance the quality of their services to satisfy their patients and earn their trust. These systems are used to improve physicians' diagnostic processes in terms of speed and accuracy. Using data-mining techniques, a clinical decision support system builds a classification model from a hospital's dataset for diagnosing new patients from their symptoms. In this work, we propose a privacy-preserving clinical decision-support system that uses a privacy-preserving random forest algorithm to diagnose new symptoms without disclosing patients' information or exposing them to cyber and network attacks. Solving the same problem with a different methodology, the simulation results show that the proposed algorithm outperforms previous work by removing unnecessary attributes and avoiding cryptographic algorithms. Moreover, our model is validated against the privacy requirements of the hospitals' datasets and votes, and of patients' diagnosed symptoms.
Abstract: Medical data mining has become an essential task in the healthcare sector to secure the personal and medical data of patients under a privacy policy. In this setting, several authentication and accessibility issues emerge, with the intention of protecting the sensitive details of patients from being published in the open domain. To solve this problem, a Multi Attribute Case based Privacy Preservation (MACPP) technique is proposed in this study to enhance the security of privacy-preserving data. Private information can be any attribute information which is categorized as a sensitive log in a patient's records. The semantic relation between transactional patient records and access rights is estimated based on the mean average value to distinguish sensitive from non-sensitive information. In addition, a crypto hidden policy is applied to encrypt the sensitive data through symmetric standard key log verification, which protects personalized sensitive information. Further, linear integrity verification provides authentication rights to verify the data, improves the performance of the privacy-preserving technique against intruders and assures high security in the healthcare setting.
Funding: Supported in part by the National Natural Science Foundation of China (No. 61702067) and in part by the Natural Science Foundation of Chongqing (No. cstc2020jcyj-msxmX0343).
Abstract: Zero trust architecture is an end-to-end approach to server resource and data security which comprises identity authentication, access control, dynamic evaluation, and so on. This work focuses on authentication technology in the zero trust network. In this paper, a Traceable Universal Designated Verifier Signature (TUDVS) is used to construct a privacy-preserving authentication scheme for zero trust architecture. Specifically, when a client requests access to server resources, we want to protect the client's access privacy, meaning that the server administrator cannot disclose the client's access behavior to any third party. In addition, the security of the proposed scheme is proved and its efficiency is analyzed. Finally, TUDVS is applied to the single packet authorization scenario of the zero trust architecture to demonstrate the practicability of the proposed scheme.