The generation of synthetic trajectories has become essential in various fields for analyzing complex movement patterns.However,the use of real-world trajectory data poses significant privacy risks,such as location re...The generation of synthetic trajectories has become essential in various fields for analyzing complex movement patterns.However,the use of real-world trajectory data poses significant privacy risks,such as location reidentification and correlation attacks.To address these challenges,privacy-preserving trajectory generation methods are critical for applications relying on sensitive location data.This paper introduces DPIL-Traj,an advanced framework designed to generate synthetic trajectories while achieving a superior balance between data utility and privacy preservation.Firstly,the framework incorporates Differential Privacy Clustering,which anonymizes trajectory data by applying differential privacy techniques that add noise,ensuring the protection of sensitive user information.Secondly,Imitation Learning is used to replicate decision-making behaviors observed in real-world trajectories.By learning from expert trajectories,this component generates synthetic data that closely mimics real-world decision-making processes while optimizing the quality of the generated trajectories.Finally,Markov-based Trajectory Generation is employed to capture and maintain the inherent temporal dynamics of movement patterns.Extensive experiments conducted on the GeoLife trajectory dataset show that DPIL-Traj improves utility performance by an average of 19.85%,and in terms of privacy performance by an average of 12.51%,compared to state-of-the-art approaches.Ablation studies further reveal that DP clustering effectively safeguards privacy,imitation learning enhances utility under noise,and the Markov module strengthens temporal coherence.展开更多
Dear Editor,This letter addresses the critical challenge of preserving privacy in graph learning without compromising on data utility.Differential privacy(DP)is emerging as an effective method for privacy-preserving g...Dear Editor,This letter addresses the critical challenge of preserving privacy in graph learning without compromising on data utility.Differential privacy(DP)is emerging as an effective method for privacy-preserving graph learning.However,its application often diminishes data utility,especially for nodes with fewer neighbors in graph neural networks(GNNs).展开更多
With the popularization of smart devices,Location-Based Services(LBS)greatly facilitates users’life,but at the same time brings the risk of users’location privacy leakage.Existing location privacy protection methods...With the popularization of smart devices,Location-Based Services(LBS)greatly facilitates users’life,but at the same time brings the risk of users’location privacy leakage.Existing location privacy protection methods are deficient,failing to reasonably allocate the privacy budget for non-outlier location points and ignoring the critical location information that may be contained in the outlier points,leading to decreased data availability and privacy exposure problems.To address these problems,this paper proposes a Mix Location Privacy Preservation Method Based on Differential Privacy with Clustering(MLDP).The method first utilizes the DBSCAN clustering algorithm to classify location points into non-outliers and outliers.For non-outliers,the scoring function is designed by combining geographic information and semantic information,and the privacy budget is allocated according to the heat intensity of the hotspot area;for outliers,the scoring function is constructed to allocate the privacy budget based on their correlation with the hotspot area.By comprehensively considering the geographic information,semantic information,and correlation with hotspot areas of the location points,a reasonable privacy budget is assigned to each location point,andfinallynoise is added throughthe Laplacemechanismto realizeprivacyprotection.Experimental results on tworeal trajectory datasets,Geolife and T-Drive,show that the MLDP approach significantly improves data availability while effectively protecting location privacy.Compared with the comparison methods,the maximum available data ratio of MLDP is 1.Moreover,compared with the RandomNoise method,its execution time is 0.056–0.061 s longer,and the logRE is 0.12951–0.62194 lower;compared with KemeansDP,QTK-DP,DPK-F,IDP-SC,and DPK-Means-up methods,it saves 0.114–0.296 s in execution time,and the logRE is 0.01112–0.38283 lower.展开更多
With the increasing complexity of malware attack techniques,traditional detection methods face significant challenges,such as privacy preservation,data heterogeneity,and lacking category information.To address these i...With the increasing complexity of malware attack techniques,traditional detection methods face significant challenges,such as privacy preservation,data heterogeneity,and lacking category information.To address these issues,we propose Federated Dynamic Prototype Learning(FedDPL)for malware classification by integrating Federated Learning with a specifically designed K-means.Under the Federated Learning framework,model training occurs locally without data sharing,effectively protecting user data privacy and preventing the leakage of sensitive information.Furthermore,to tackle the challenges of data heterogeneity and the lack of category information,FedDPL introduces a dynamic prototype learning mechanism,which adaptively adjusts the clustering prototypes in terms of position and number.Thus,the dependency on predefined category numbers in typical K-means and its variants can be significantly reduced,resulting in improved clustering performance.Theoretically,it provides a more accurate detection of malicious behavior.Experimental results confirm that FedDPL excels in handling malware classification tasks,demonstrating superior accuracy,robustness,and privacy protection.展开更多
The support vector machine,a widely used binary classification method,may expose sensitive information during training.To address this,the authors propose a personalized differential privacy method that extends differ...The support vector machine,a widely used binary classification method,may expose sensitive information during training.To address this,the authors propose a personalized differential privacy method that extends differential privacy.Specifically,the authors introduce personalized differentially private support vector machines to meet different individuals'privacy requirements,using a reweighting strategy and the Laplace mechanism.Theoretical analysis demonstrates that the proposed methods simultaneously satisfy the requirements of personalized differential privacy and ensure model prediction accuracy at these privacy levels.Extensive experiments demonstrate that the proposed methods outperform the existing methods.展开更多
The advent of 6G networks is poised to drive a new era of intelligent,privacy-preserving distributed learning by leveraging advanced communication and AI-driven edge intelligence.Federated Learning(FL)has emerged as a...The advent of 6G networks is poised to drive a new era of intelligent,privacy-preserving distributed learning by leveraging advanced communication and AI-driven edge intelligence.Federated Learning(FL)has emerged as a promising paradigm to enable collaborative model training without exposing raw data.However,its deployment in 6G networks faces significant obstacles,including vulnerabilities to inference attacks,the complexities of heterogeneous and dynamic network environments,and the inherent trade-off between privacy protection and model performance.In response to these challenges,we introduce DP-Fed6G,a novel FL framework that integrates differential privacy(DP)to fortify data security while ensuring high-quality learning outcomes.Specifically,DPFed6G employs an adaptive noise injection strategy that dynamically adjusts privacy protection levels based on real-time 6G network conditions and device heterogeneity,ensuring robust data security while maximizing model performance and optimizing the trade-off between privacy and utility.Extensive experiments on three real-world healthcare datasets demonstrate that DP-Fed6G consistently outperforms existing baselines(DP-Fed SGD and DPFed Avg),achieving up to 10.3%higher test accuracy under the same privacy budget.The proposed framework thus provides a practical solution for secure and privacy-preserving AI in 6G,supporting intelligent decisionmaking in privacy-sensitive applications.展开更多
The rapid development and widespread adoption of massive open online courses(MOOCs)have indeed had a significant impact on China’s education curriculum.However,the problem of fake reviews and ratings on the platform ...The rapid development and widespread adoption of massive open online courses(MOOCs)have indeed had a significant impact on China’s education curriculum.However,the problem of fake reviews and ratings on the platform has seriously affected the authenticity of course evaluations and user trust,requiring effective anomaly detection techniques for screening.The textual characteristics of MOOCs reviews,such as varying lengths and diverse emotional tendencies,have brought complexity to text analysis.Traditional rule-based analysis methods are often inadequate in dealing with such unstructured data.We propose a Differential Privacy-Enabled Text Convolutional Neural Network(DP-TextCNN)framework,aiming to achieve high-precision identification of outliers in MOOCs course reviews and ratings while protecting user privacy.This framework leverages the advantages of Convolutional Neural Networks(CNN)in text feature extraction and combines differential privacy techniques.It balances data privacy protection with model performance by introducing controlled random noise during the data preprocessing stage.By embedding differential privacy into the model training process,we ensure the privacy security of the framework when handling sensitive data,while maintaining a high recognition accuracy.Experimental results indicate that the DP-TextCNN framework achieves an exceptional accuracy of over 95%in identifying fake reviews on the dataset,this outcome not only verifies the applicability of differential privacy techniques in TextCNN but also underscores its potential in handling sensitive educational data.Additionally,we analyze the specific impact of differential privacy parameters on framework performance,offering theoretical support and empirical analysis to strike an optimal balance between privacy protection and framework efficiency.展开更多
Federated learning effectively alleviates privacy and security issues raised by the development of artificial intelligence through a distributed training architecture.Existing research has shown that attackers can com...Federated learning effectively alleviates privacy and security issues raised by the development of artificial intelligence through a distributed training architecture.Existing research has shown that attackers can compromise user privacy and security by stealing model parameters.Therefore,differential privacy is applied in federated learning to further address malicious issues.However,the addition of noise and the update clipping mechanism in differential privacy jointly limit the further development of federated learning in privacy protection and performance optimization.Therefore,we propose an adaptive adjusted differential privacy federated learning method.First,a dynamic adaptive privacy budget allocation strategy is proposed,which flexibly adjusts the privacy budget within a given range based on the client’s data volume and training requirements,thereby alleviating the loss of privacy budget and the magnitude of model noise.Second,a longitudinal clipping differential privacy strategy is proposed,which based on the differences in factors that affect parameter updates,uses sparse methods to trim local updates,thereby reducing the impact of privacy pruning steps on model accuracy.The two strategies work together to ensure user privacy while the effect of differential privacy on model accuracy is reduced.To evaluate the effectiveness of our method,we conducted extensive experiments on benchmark datasets,and the results showed that our proposed method performed well in terms of performance and privacy protection.展开更多
Deep learning’s widespread dependence on large datasets raises privacy concerns due to the potential presence of sensitive information.Differential privacy stands out as a crucial method for preserving privacy,garner...Deep learning’s widespread dependence on large datasets raises privacy concerns due to the potential presence of sensitive information.Differential privacy stands out as a crucial method for preserving privacy,garnering significant interest for its ability to offer robust and verifiable privacy safeguards during data training.However,classic differentially private learning introduces the same level of noise into the gradients across training iterations,which affects the trade-off between model utility and privacy guarantees.To address this issue,an adaptive differential privacy mechanism was proposed in this paper,which dynamically adjusts the privacy budget at the layer-level as training progresses to resist member inference attacks.Specifically,an equal privacy budget is initially allocated to each layer.Subsequently,as training advances,the privacy budget for layers closer to the output is reduced(adding more noise),while the budget for layers closer to the input is increased.The adjustment magnitude depends on the training iterations and is automatically determined based on the iteration count.This dynamic allocation provides a simple process for adjusting privacy budgets,alleviating the burden on users to tweak parameters and ensuring that privacy preservation strategies align with training progress.Extensive experiments on five well-known datasets indicate that the proposed method outperforms competing methods in terms of accuracy and resilience against membership inference attacks.展开更多
With the ongoing digitalization and intelligence of power systems,there is an increasing reliance on large-scale data-driven intelligent technologies for tasks such as scheduling optimization and load forecasting.Neve...With the ongoing digitalization and intelligence of power systems,there is an increasing reliance on large-scale data-driven intelligent technologies for tasks such as scheduling optimization and load forecasting.Nevertheless,power data often contains sensitive information,making it a critical industry challenge to efficiently utilize this data while ensuring privacy.Traditional Federated Learning(FL)methods can mitigate data leakage by training models locally instead of transmitting raw data.Despite this,FL still has privacy concerns,especially gradient leakage,which might expose users’sensitive information.Therefore,integrating Differential Privacy(DP)techniques is essential for stronger privacy protection.Even so,the noise from DP may reduce the performance of federated learning models.To address this challenge,this paper presents an explainability-driven power data privacy federated learning framework.It incorporates DP technology and,based on model explainability,adaptively adjusts privacy budget allocation and model aggregation,thus balancing privacy protection and model performance.The key innovations of this paper are as follows:(1)We propose an explainability-driven power data privacy federated learning framework.(2)We detail a privacy budget allocation strategy:assigning budgets per training round by gradient effectiveness and at model granularity by layer importance.(3)We design a weighted aggregation strategy that considers the SHAP value and model accuracy for quality knowledge sharing.(4)Experiments show the proposed framework outperforms traditional methods in balancing privacy protection and model performance in power load forecasting tasks.展开更多
Federated Learning(FL),a practical solution that leverages distributed data across devices without the need for centralized data storage,which enables multiple participants to jointly train models while preserving dat...Federated Learning(FL),a practical solution that leverages distributed data across devices without the need for centralized data storage,which enables multiple participants to jointly train models while preserving data privacy and avoiding direct data sharing.Despite its privacy-preserving advantages,FL remains vulnerable to backdoor attacks,where malicious participants introduce backdoors into local models that are then propagated to the global model through the aggregation process.While existing differential privacy defenses have demonstrated effectiveness against backdoor attacks in FL,they often incur a significant degradation in the performance of the aggregated models on benign tasks.To address this limitation,we propose a novel backdoor defense mechanism based on differential privacy.Our approach first utilizes the inherent out-of-distribution characteristics of backdoor samples to identify and exclude malicious model updates that significantly deviate from benign models.By filtering out models that are clearly backdoor-infected before applying differential privacy,our method reduces the required noise level for differential privacy,thereby enhancing model robustness while preserving performance.Experimental evaluations on the CIFAR10 and FEMNIST datasets demonstrate that our method effectively limits the backdoor accuracy to below 15%across various backdoor scenarios while maintaining high main task accuracy.展开更多
Mobile crowdsensing(MCS)has become an effective paradigm to facilitate urban sensing.However,mobile users participating in sensing tasks will face the risk of location privacy leakage when uploading their actual sensi...Mobile crowdsensing(MCS)has become an effective paradigm to facilitate urban sensing.However,mobile users participating in sensing tasks will face the risk of location privacy leakage when uploading their actual sensing location data.In the application of mobile crowdsensing,most location privacy protection studies do not consider the temporal correlations between locations,so they are vulnerable to various inference attacks,and there is the problem of low data availability.In order to solve the above problems,this paper proposes a dynamic differential location privacy data publishing framework(DDLP)that protects privacy while publishing locations continuously.Firstly,the corresponding Markov transition matrices are established according to different times of historical trajectories,and then the protection location set is generated based on the current location at each timestamp.Moreover,using the exponential mechanism in differential privacy perturbs the true location by designing the utility function.Finally,experiments on the real-world trajectory dataset show that our method not only provides strong privacy guarantees,but also outperforms existing methods in terms of data availability and computational efficiency.展开更多
This study addresses the risk of privacy leakage during the transmission and sharing of multimodal data in smart grid substations by proposing a three-tier privacy-preserving architecture based on asynchronous federat...This study addresses the risk of privacy leakage during the transmission and sharing of multimodal data in smart grid substations by proposing a three-tier privacy-preserving architecture based on asynchronous federated learning.The framework integrates blockchain technology,the InterPlanetary File System(IPFS)for distributed storage,and a dynamic differential privacy mechanism to achieve collaborative security across the storage,service,and federated coordination layers.It accommodates both multimodal data classification and object detection tasks,enabling the identification and localization of key targets and abnormal behaviors in substation scenarios while ensuring privacy protection.This effectively mitigates the single-point failures and model leakage issues inherent in centralized architectures.A dynamically adjustable differential privacy mechanism is introduced to allocate privacy budgets according to client contribution levels and upload frequencies,achieving a personalized balance between model performance and privacy protection.Multi-dimensional experimental evaluations,including classification accuracy,F1-score,encryption latency,and aggregation latency,verify the security and efficiency of the proposed architecture.The improved CNN model achieves 72.34%accuracy and an F1-score of 0.72 in object detection and classification tasks on infrared surveillance imagery,effectively identifying typical risk events such as not wearing safety helmets and unauthorized intrusion,while maintaining an aggregation latency of only 1.58 s and a query latency of 80.79 ms.Compared with traditional static differential privacy and centralized approaches,the proposed method demonstrates significant advantages in accuracy,latency,and security,providing a new technical paradigm for efficient,secure data sharing,object detection,and privacy preservation in smart grid substations.展开更多
As deep learning(DL)models are increasingly deployed in sensitive domains(e.g.,healthcare),concerns over privacy and security have intensified.Conventional penetration testing frameworks,such asOWASP and NIST,are effe...As deep learning(DL)models are increasingly deployed in sensitive domains(e.g.,healthcare),concerns over privacy and security have intensified.Conventional penetration testing frameworks,such asOWASP and NIST,are effective for traditional networks and applications but lack the capabilities to address DL-specific threats,such asmodel inversion,membership inference,and adversarial attacks.This review provides a comprehensive analysis of penetration testing for the privacy of DL models,examining the shortfalls of existing frameworks,tools,and testing methodologies.Through systematic evaluation of existing literature and empirical analysis,we identify three major contributions:(i)a critical assessment of traditional penetration testing frameworks’inadequacies when applied to DL-specific privacy vulnerabilities,(ii)a comprehensive evaluation of state-of-the-art privacy-preserving methods and their integration with penetration testing workflows,and(iii)the development of a structured framework that combines reconnaissance,threat modeling,exploitation,and post-exploitation phases specifically tailored for DL privacy assessment.Moreover,this review evaluates popular solutions such as IBMAdversarial Robustness Toolbox and TensorFlowPrivacy,alongside privacy-preserving techniques(e.g.,Differential Privacy,Homomorphic Encryption,and Federated Learning),which we systematically analyze through comparative studies of their effectiveness,computational overhead,and practical deployment constraints.While these techniques offer promising safeguards,their adoption is hindered by accuracy loss,performance overheads,and the rapid evolution of attack strategies.Our findings reveal that no single existing solution provides comprehensive protection,which leads us to propose a hybrid approach that strategically combines multiple privacy-preserving mechanisms.The findings of this survey underscore an urgent need for automated,regulationcompliant penetration testing frameworks specifically tailored to DL systems.We argue for hybrid privacy solutions that combinemultiple protectivemechanisms to ensure bothmodel accuracy and privacy.Building on our analysis,we present actionable recommendations for developing adaptive penetration testing strategies that incorporate automated vulnerability assessment,continuous monitoring,and regulatory compliance verification.展开更多
This paper presents Dual Adaptive Neural Topology(Dual ANT),a distributed dual-network metaadaptive framework that enhances ant-colony-based multi-agent coordination with online introspection,adaptive parameter contro...This paper presents Dual Adaptive Neural Topology(Dual ANT),a distributed dual-network metaadaptive framework that enhances ant-colony-based multi-agent coordination with online introspection,adaptive parameter control,and privacy-preserving interactions.This approach improves standard Ant Colony Optimization(ACO)with two lightweight neural components:a forward network that estimates swarm efficiency in real time and an inverse network that converts these descriptors into parameter adaptations.To preserve the privacy of individual trajectories in shared pheromone maps,we introduce a locally differentially private pheromone update mechanism that adds calibrated noise to each agent’s pheromone deposit while preserving the efficacy of the global pheromone signal.The resulting systemenables agents to dynamically and autonomously adapt their coordination strategies under challenging and dynamic conditions,including varying obstacle layouts,uncertain target locations,and time-varying disturbances.Extensive simulations of large grid-based search tasks demonstrated that Dual ANT achieved faster convergence,higher robustness,and improved scalability compared to advanced baselines such asMulti-StrategyACO and Hierarchical ACO.The meta-adaptive feedback loop compensates for the performance degradation caused by privacy noise and prevents premature stagnation by triggering Levy flight exploration only when necessary.展开更多
In the age of information sharing, logistics information sharing also faces the risk of privacy leakage. In regard to the privacy leakage of time-series location information in the field of logistics, this paper propo...In the age of information sharing, logistics information sharing also faces the risk of privacy leakage. In regard to the privacy leakage of time-series location information in the field of logistics, this paper proposes a method based on differential privacy for time-series location data publication. Firstly, it constructs public region of interest(PROI) related to time by using clustering optimal algorithm. And it adopts the method of the centroid point to ensure the public interest point(PIP) representing the location of the public interest zone. Secondly, according to the PIP, we can construct location search tree(LST) that is a commonly used index structure of spatial data, in order to ensure the inherent relation among location data. Thirdly, we add Laplace noise to the node of LST, which means fewer times to add Laplace noise on the original data set and ensures the data availability. Finally, experiments show that this method not only ensures the security of sequential location data publishing, but also has better data availability than the general differential privacy method, which achieves a good balance between the security and availability of data.展开更多
基金supported by the Natural Science Foundation of Fujian Province of China(2025J01380)National Natural Science Foundation of China(No.62471139)+3 种基金the Major Health Research Project of Fujian Province(2021ZD01001)Fujian Provincial Units Special Funds for Education and Research(2022639)Fujian University of Technology Research Start-up Fund(GY-S24002)Fujian Research and Training Grants for Young and Middle-aged Leaders in Healthcare(GY-H-24179).
文摘The generation of synthetic trajectories has become essential in various fields for analyzing complex movement patterns.However,the use of real-world trajectory data poses significant privacy risks,such as location reidentification and correlation attacks.To address these challenges,privacy-preserving trajectory generation methods are critical for applications relying on sensitive location data.This paper introduces DPIL-Traj,an advanced framework designed to generate synthetic trajectories while achieving a superior balance between data utility and privacy preservation.Firstly,the framework incorporates Differential Privacy Clustering,which anonymizes trajectory data by applying differential privacy techniques that add noise,ensuring the protection of sensitive user information.Secondly,Imitation Learning is used to replicate decision-making behaviors observed in real-world trajectories.By learning from expert trajectories,this component generates synthetic data that closely mimics real-world decision-making processes while optimizing the quality of the generated trajectories.Finally,Markov-based Trajectory Generation is employed to capture and maintain the inherent temporal dynamics of movement patterns.Extensive experiments conducted on the GeoLife trajectory dataset show that DPIL-Traj improves utility performance by an average of 19.85%,and in terms of privacy performance by an average of 12.51%,compared to state-of-the-art approaches.Ablation studies further reveal that DP clustering effectively safeguards privacy,imitation learning enhances utility under noise,and the Markov module strengthens temporal coherence.
基金supported by the National Key Research and Development Program of China(2023YFF0612900,2023YFF0612902)the Natural Science Foundation of Beijing,China(4254086)+3 种基金the National Natural Science Foundation of China(62472032)the Open Project Funding of Key Laboratory of Mobile Application Innovation and Governance Technology,Ministry of Industry and Information Technology(2023IFS080601-K)the Beijing Institute of Technology Research Fund Program for Young Scholarsthe Young Elite Scientists Sponsorship Program by CAST(2023QNRC001)。
文摘Dear Editor,This letter addresses the critical challenge of preserving privacy in graph learning without compromising on data utility.Differential privacy(DP)is emerging as an effective method for privacy-preserving graph learning.However,its application often diminishes data utility,especially for nodes with fewer neighbors in graph neural networks(GNNs).
基金supported in part by the National Natural Science Foundation of China(Grant No.61971291)the Basic Scientific Research Project of the Liaoning Provincial Department of Education(LJ212410144013)+2 种基金the Leading Talent of the‘Xing Liao Ying Cai Plan’(XLYC2202013)the Shenyang Natural Science Foundation(22-315-6-10)the Guangxuan Scholar of Shenyang Ligong University(SYLUGXXZ202205).
文摘With the popularization of smart devices,Location-Based Services(LBS)greatly facilitates users’life,but at the same time brings the risk of users’location privacy leakage.Existing location privacy protection methods are deficient,failing to reasonably allocate the privacy budget for non-outlier location points and ignoring the critical location information that may be contained in the outlier points,leading to decreased data availability and privacy exposure problems.To address these problems,this paper proposes a Mix Location Privacy Preservation Method Based on Differential Privacy with Clustering(MLDP).The method first utilizes the DBSCAN clustering algorithm to classify location points into non-outliers and outliers.For non-outliers,the scoring function is designed by combining geographic information and semantic information,and the privacy budget is allocated according to the heat intensity of the hotspot area;for outliers,the scoring function is constructed to allocate the privacy budget based on their correlation with the hotspot area.By comprehensively considering the geographic information,semantic information,and correlation with hotspot areas of the location points,a reasonable privacy budget is assigned to each location point,andfinallynoise is added throughthe Laplacemechanismto realizeprivacyprotection.Experimental results on tworeal trajectory datasets,Geolife and T-Drive,show that the MLDP approach significantly improves data availability while effectively protecting location privacy.Compared with the comparison methods,the maximum available data ratio of MLDP is 1.Moreover,compared with the RandomNoise method,its execution time is 0.056–0.061 s longer,and the logRE is 0.12951–0.62194 lower;compared with KemeansDP,QTK-DP,DPK-F,IDP-SC,and DPK-Means-up methods,it saves 0.114–0.296 s in execution time,and the logRE is 0.01112–0.38283 lower.
基金supported by the National Natural Science Foundation of China under Grant No.62162009the Key Technologies R&D Program of He’nan Province under Grant No.242102211065+2 种基金the Postgraduate Education Reform and Quality Improvement Project of Henan Province under Grant Nos.YJS2025GZZ36,YJS2024AL112,and YJS2024JD38the Innovation Scientists and Technicians Troop Construction Projects of Henan Province under Grant No.CXTD2017099the Scientific Research Innovation Team of Xuchang University under Grant No.2022CXTD003.
文摘With the increasing complexity of malware attack techniques,traditional detection methods face significant challenges,such as privacy preservation,data heterogeneity,and lacking category information.To address these issues,we propose Federated Dynamic Prototype Learning(FedDPL)for malware classification by integrating Federated Learning with a specifically designed K-means.Under the Federated Learning framework,model training occurs locally without data sharing,effectively protecting user data privacy and preventing the leakage of sensitive information.Furthermore,to tackle the challenges of data heterogeneity and the lack of category information,FedDPL introduces a dynamic prototype learning mechanism,which adaptively adjusts the clustering prototypes in terms of position and number.Thus,the dependency on predefined category numbers in typical K-means and its variants can be significantly reduced,resulting in improved clustering performance.Theoretically,it provides a more accurate detection of malicious behavior.Experimental results confirm that FedDPL excels in handling malware classification tasks,demonstrating superior accuracy,robustness,and privacy protection.
基金supported by the National Key R&D Program of China under Grant No.2023YFA1008702the National Natural Science Foundation of China under Grant No.12571300。
文摘The support vector machine,a widely used binary classification method,may expose sensitive information during training.To address this,the authors propose a personalized differential privacy method that extends differential privacy.Specifically,the authors introduce personalized differentially private support vector machines to meet different individuals'privacy requirements,using a reweighting strategy and the Laplace mechanism.Theoretical analysis demonstrates that the proposed methods simultaneously satisfy the requirements of personalized differential privacy and ensure model prediction accuracy at these privacy levels.Extensive experiments demonstrate that the proposed methods outperform the existing methods.
基金supported in part by the Research and Development Project of China Railway Information Technology Group under Grant WJZG-CKY-2024040(2024P01)the National Natural Science Foun-dation of China under Grant 62272100the Consulting Project of Chinese Academy of Engineering under Grant 2023-XY-09。
文摘The advent of 6G networks is poised to drive a new era of intelligent,privacy-preserving distributed learning by leveraging advanced communication and AI-driven edge intelligence.Federated Learning(FL)has emerged as a promising paradigm to enable collaborative model training without exposing raw data.However,its deployment in 6G networks faces significant obstacles,including vulnerabilities to inference attacks,the complexities of heterogeneous and dynamic network environments,and the inherent trade-off between privacy protection and model performance.In response to these challenges,we introduce DP-Fed6G,a novel FL framework that integrates differential privacy(DP)to fortify data security while ensuring high-quality learning outcomes.Specifically,DPFed6G employs an adaptive noise injection strategy that dynamically adjusts privacy protection levels based on real-time 6G network conditions and device heterogeneity,ensuring robust data security while maximizing model performance and optimizing the trade-off between privacy and utility.Extensive experiments on three real-world healthcare datasets demonstrate that DP-Fed6G consistently outperforms existing baselines(DP-Fed SGD and DPFed Avg),achieving up to 10.3%higher test accuracy under the same privacy budget.The proposed framework thus provides a practical solution for secure and privacy-preserving AI in 6G,supporting intelligent decisionmaking in privacy-sensitive applications.
文摘The rapid development and widespread adoption of massive open online courses(MOOCs)have indeed had a significant impact on China’s education curriculum.However,the problem of fake reviews and ratings on the platform has seriously affected the authenticity of course evaluations and user trust,requiring effective anomaly detection techniques for screening.The textual characteristics of MOOCs reviews,such as varying lengths and diverse emotional tendencies,have brought complexity to text analysis.Traditional rule-based analysis methods are often inadequate in dealing with such unstructured data.We propose a Differential Privacy-Enabled Text Convolutional Neural Network(DP-TextCNN)framework,aiming to achieve high-precision identification of outliers in MOOCs course reviews and ratings while protecting user privacy.This framework leverages the advantages of Convolutional Neural Networks(CNN)in text feature extraction and combines differential privacy techniques.It balances data privacy protection with model performance by introducing controlled random noise during the data preprocessing stage.By embedding differential privacy into the model training process,we ensure the privacy security of the framework when handling sensitive data,while maintaining a high recognition accuracy.Experimental results indicate that the DP-TextCNN framework achieves an exceptional accuracy of over 95%in identifying fake reviews on the dataset,this outcome not only verifies the applicability of differential privacy techniques in TextCNN but also underscores its potential in handling sensitive educational data.Additionally,we analyze the specific impact of differential privacy parameters on framework performance,offering theoretical support and empirical analysis to strike an optimal balance between privacy protection and framework efficiency.
基金funded by the Science and Technology Project of State Grid Corporation of China(Research on the theory and method of multiparty encrypted computation in the edge fusion environment of power IoT,No.5700-202358592A-3-2-ZN)the National Natural Science Foundation of China(Grant Nos.62272056,62372048,62371069).
文摘Federated learning effectively alleviates privacy and security issues raised by the development of artificial intelligence through a distributed training architecture.Existing research has shown that attackers can compromise user privacy and security by stealing model parameters.Therefore,differential privacy is applied in federated learning to further address malicious issues.However,the addition of noise and the update clipping mechanism in differential privacy jointly limit the further development of federated learning in privacy protection and performance optimization.Therefore,we propose an adaptive adjusted differential privacy federated learning method.First,a dynamic adaptive privacy budget allocation strategy is proposed,which flexibly adjusts the privacy budget within a given range based on the client’s data volume and training requirements,thereby alleviating the loss of privacy budget and the magnitude of model noise.Second,a longitudinal clipping differential privacy strategy is proposed,which based on the differences in factors that affect parameter updates,uses sparse methods to trim local updates,thereby reducing the impact of privacy pruning steps on model accuracy.The two strategies work together to ensure user privacy while the effect of differential privacy on model accuracy is reduced.To evaluate the effectiveness of our method,we conducted extensive experiments on benchmark datasets,and the results showed that our proposed method performed well in terms of performance and privacy protection.
基金supported by the National Natural Science Foundation of China(Grant No.62462022)the Hainan Province Science and Technology Special Fund(Grants No.ZDYF2022GXJS229).
文摘Deep learning’s widespread dependence on large datasets raises privacy concerns due to the potential presence of sensitive information.Differential privacy stands out as a crucial method for preserving privacy,garnering significant interest for its ability to offer robust and verifiable privacy safeguards during data training.However,classic differentially private learning introduces the same level of noise into the gradients across training iterations,which affects the trade-off between model utility and privacy guarantees.To address this issue,an adaptive differential privacy mechanism was proposed in this paper,which dynamically adjusts the privacy budget at the layer-level as training progresses to resist member inference attacks.Specifically,an equal privacy budget is initially allocated to each layer.Subsequently,as training advances,the privacy budget for layers closer to the output is reduced(adding more noise),while the budget for layers closer to the input is increased.The adjustment magnitude depends on the training iterations and is automatically determined based on the iteration count.This dynamic allocation provides a simple process for adjusting privacy budgets,alleviating the burden on users to tweak parameters and ensuring that privacy preservation strategies align with training progress.Extensive experiments on five well-known datasets indicate that the proposed method outperforms competing methods in terms of accuracy and resilience against membership inference attacks.
文摘With the ongoing digitalization and intelligence of power systems,there is an increasing reliance on large-scale data-driven intelligent technologies for tasks such as scheduling optimization and load forecasting.Nevertheless,power data often contains sensitive information,making it a critical industry challenge to efficiently utilize this data while ensuring privacy.Traditional Federated Learning(FL)methods can mitigate data leakage by training models locally instead of transmitting raw data.Despite this,FL still has privacy concerns,especially gradient leakage,which might expose users’sensitive information.Therefore,integrating Differential Privacy(DP)techniques is essential for stronger privacy protection.Even so,the noise from DP may reduce the performance of federated learning models.To address this challenge,this paper presents an explainability-driven power data privacy federated learning framework.It incorporates DP technology and,based on model explainability,adaptively adjusts privacy budget allocation and model aggregation,thus balancing privacy protection and model performance.The key innovations of this paper are as follows:(1)We propose an explainability-driven power data privacy federated learning framework.(2)We detail a privacy budget allocation strategy:assigning budgets per training round by gradient effectiveness and at model granularity by layer importance.(3)We design a weighted aggregation strategy that considers the SHAP value and model accuracy for quality knowledge sharing.(4)Experiments show the proposed framework outperforms traditional methods in balancing privacy protection and model performance in power load forecasting tasks.
文摘Federated Learning(FL),a practical solution that leverages distributed data across devices without the need for centralized data storage,which enables multiple participants to jointly train models while preserving data privacy and avoiding direct data sharing.Despite its privacy-preserving advantages,FL remains vulnerable to backdoor attacks,where malicious participants introduce backdoors into local models that are then propagated to the global model through the aggregation process.While existing differential privacy defenses have demonstrated effectiveness against backdoor attacks in FL,they often incur a significant degradation in the performance of the aggregated models on benign tasks.To address this limitation,we propose a novel backdoor defense mechanism based on differential privacy.Our approach first utilizes the inherent out-of-distribution characteristics of backdoor samples to identify and exclude malicious model updates that significantly deviate from benign models.By filtering out models that are clearly backdoor-infected before applying differential privacy,our method reduces the required noise level for differential privacy,thereby enhancing model robustness while preserving performance.Experimental evaluations on the CIFAR10 and FEMNIST datasets demonstrate that our method effectively limits the backdoor accuracy to below 15%across various backdoor scenarios while maintaining high main task accuracy.
基金supported by the Inner Mongolia Natural Science Foundation(Grant No.2023MS06022)the University Youth Science and Technology Talent Development Project(Innovation Group Development Plan)of Inner Mongolia A.R.of China(Grant No.NMGIRT2318)+1 种基金the“Inner Mongolia Science and Technology Achievement Transfer and Transformation Demonstration Zone,University Collaborative Innovation Base,and University Entrepreneurship Training Base”Construction Project(Supercomputing Power Project)(Grant No.21300-231510)the Engineering Research Center of Ecological Big Data,Ministry of Education.
文摘Mobile crowdsensing(MCS)has become an effective paradigm to facilitate urban sensing.However,mobile users participating in sensing tasks will face the risk of location privacy leakage when uploading their actual sensing location data.In the application of mobile crowdsensing,most location privacy protection studies do not consider the temporal correlations between locations,so they are vulnerable to various inference attacks,and there is the problem of low data availability.In order to solve the above problems,this paper proposes a dynamic differential location privacy data publishing framework(DDLP)that protects privacy while publishing locations continuously.Firstly,the corresponding Markov transition matrices are established according to different times of historical trajectories,and then the protection location set is generated based on the current location at each timestamp.Moreover,using the exponential mechanism in differential privacy perturbs the true location by designing the utility function.Finally,experiments on the real-world trajectory dataset show that our method not only provides strong privacy guarantees,but also outperforms existing methods in terms of data availability and computational efficiency.
基金funded by the National Natural Science Foundation of China,grant number 61605004the Fundamental Research Funds for the Central Universities,grant number FRF-TP-19-016A2Guizhou Power Grid Co.,Ltd.2024 first batch of services(2024-2026 technology R&D services for science and technology projects(in addition to national and SGCC key projects)),grant number 060100KC23100012。
文摘This study addresses the risk of privacy leakage during the transmission and sharing of multimodal data in smart grid substations by proposing a three-tier privacy-preserving architecture based on asynchronous federated learning.The framework integrates blockchain technology,the InterPlanetary File System(IPFS)for distributed storage,and a dynamic differential privacy mechanism to achieve collaborative security across the storage,service,and federated coordination layers.It accommodates both multimodal data classification and object detection tasks,enabling the identification and localization of key targets and abnormal behaviors in substation scenarios while ensuring privacy protection.This effectively mitigates the single-point failures and model leakage issues inherent in centralized architectures.A dynamically adjustable differential privacy mechanism is introduced to allocate privacy budgets according to client contribution levels and upload frequencies,achieving a personalized balance between model performance and privacy protection.Multi-dimensional experimental evaluations,including classification accuracy,F1-score,encryption latency,and aggregation latency,verify the security and efficiency of the proposed architecture.The improved CNN model achieves 72.34%accuracy and an F1-score of 0.72 in object detection and classification tasks on infrared surveillance imagery,effectively identifying typical risk events such as not wearing safety helmets and unauthorized intrusion,while maintaining an aggregation latency of only 1.58 s and a query latency of 80.79 ms.Compared with traditional static differential privacy and centralized approaches,the proposed method demonstrates significant advantages in accuracy,latency,and security,providing a new technical paradigm for efficient,secure data sharing,object detection,and privacy preservation in smart grid substations.
基金supported in part by the Tianjin Natural Science Foundation Project(24JCZDJC01000)the Fundamental Research Funds for the Central Universities of China(No.3122025091).
文摘As deep learning(DL)models are increasingly deployed in sensitive domains(e.g.,healthcare),concerns over privacy and security have intensified.Conventional penetration testing frameworks,such asOWASP and NIST,are effective for traditional networks and applications but lack the capabilities to address DL-specific threats,such asmodel inversion,membership inference,and adversarial attacks.This review provides a comprehensive analysis of penetration testing for the privacy of DL models,examining the shortfalls of existing frameworks,tools,and testing methodologies.Through systematic evaluation of existing literature and empirical analysis,we identify three major contributions:(i)a critical assessment of traditional penetration testing frameworks’inadequacies when applied to DL-specific privacy vulnerabilities,(ii)a comprehensive evaluation of state-of-the-art privacy-preserving methods and their integration with penetration testing workflows,and(iii)the development of a structured framework that combines reconnaissance,threat modeling,exploitation,and post-exploitation phases specifically tailored for DL privacy assessment.Moreover,this review evaluates popular solutions such as IBMAdversarial Robustness Toolbox and TensorFlowPrivacy,alongside privacy-preserving techniques(e.g.,Differential Privacy,Homomorphic Encryption,and Federated Learning),which we systematically analyze through comparative studies of their effectiveness,computational overhead,and practical deployment constraints.While these techniques offer promising safeguards,their adoption is hindered by accuracy loss,performance overheads,and the rapid evolution of attack strategies.Our findings reveal that no single existing solution provides comprehensive protection,which leads us to propose a hybrid approach that strategically combines multiple privacy-preserving mechanisms.The findings of this survey underscore an urgent need for automated,regulationcompliant penetration testing frameworks specifically tailored to DL systems.We argue for hybrid privacy solutions that combinemultiple protectivemechanisms to ensure bothmodel accuracy and privacy.Building on our analysis,we present actionable recommendations for developing adaptive penetration testing strategies that incorporate automated vulnerability assessment,continuous monitoring,and regulatory compliance verification.
基金funded by the Deanship of Scientific Research at Northern Border University,Arar,Saudi Arabia,under project number NBU-FFR-2026-2441-02.
文摘This paper presents Dual Adaptive Neural Topology(Dual ANT),a distributed dual-network metaadaptive framework that enhances ant-colony-based multi-agent coordination with online introspection,adaptive parameter control,and privacy-preserving interactions.This approach improves standard Ant Colony Optimization(ACO)with two lightweight neural components:a forward network that estimates swarm efficiency in real time and an inverse network that converts these descriptors into parameter adaptations.To preserve the privacy of individual trajectories in shared pheromone maps,we introduce a locally differentially private pheromone update mechanism that adds calibrated noise to each agent’s pheromone deposit while preserving the efficacy of the global pheromone signal.The resulting systemenables agents to dynamically and autonomously adapt their coordination strategies under challenging and dynamic conditions,including varying obstacle layouts,uncertain target locations,and time-varying disturbances.Extensive simulations of large grid-based search tasks demonstrated that Dual ANT achieved faster convergence,higher robustness,and improved scalability compared to advanced baselines such asMulti-StrategyACO and Hierarchical ACO.The meta-adaptive feedback loop compensates for the performance degradation caused by privacy noise and prevents premature stagnation by triggering Levy flight exploration only when necessary.
基金Supported by the Social Science Foundation of Beijing(15JGB099,15ZHA004)the National Natural Science Foundation of China(61370139)"Information+" Special Fund(5111823610)
文摘In the age of information sharing, logistics information sharing also faces the risk of privacy leakage. In regard to the privacy leakage of time-series location information in the field of logistics, this paper proposes a method based on differential privacy for time-series location data publication. Firstly, it constructs public region of interest(PROI) related to time by using clustering optimal algorithm. And it adopts the method of the centroid point to ensure the public interest point(PIP) representing the location of the public interest zone. Secondly, according to the PIP, we can construct location search tree(LST) that is a commonly used index structure of spatial data, in order to ensure the inherent relation among location data. Thirdly, we add Laplace noise to the node of LST, which means fewer times to add Laplace noise on the original data set and ensures the data availability. Finally, experiments show that this method not only ensures the security of sequential location data publishing, but also has better data availability than the general differential privacy method, which achieves a good balance between the security and availability of data.
