Search Results (129)

Background/Objectives: Mask-wearing-induced discomfort often leads to unconscious loosening of the mask to relieve the discomfort, thereby compromising protective efficacy. This study investigated how leakage flows affect mask-associated thermoregulation and vapor trapping to inform better mask designs. An integrated ambience–mask–face–airway model with various mask-wearing misfits was developed. Methods: The transient warming/cooling effects, thermal buoyancy force, tissue heat generation, vapor phase change, and fluid/heat/mass transfer through a porous medium were considered in this model, which was validated using Schlieren imaging, a thermal camera, and velocity/temperature measurements. Leakages from the top and side of the mask were analyzed in comparison to a no-leak scenario under cyclic respiration conditions. Results: A significant inverse relationship was observed between mask leakage and facial temperature/humidity. An equivalent impact from buoyancy forces and exhalation flow inertia was observed both experimentally and numerically, indicating a delicate balance between natural convection and forced convection, which is sensitive to leakage flows and critical in thermo-humidity regulation. For a given gap, the leakage fraction was not constant within one breathing cycle but constantly increased during exhalation. Persistently higher temperatures were found in the nose region throughout the breathing cycle in a sealed mask and were mitigated during inhalation when gaps were present. Vapor condensation occurred within the mask medium during exhalation in all mask-wearing cases. Conclusions: The thermal and vapor temporal variation profiles were sensitive to the location of the gap, highlighting the feasibility of leveraging temperature and relative humidity to test mask fit and quantify leakage fraction. Full article

Nonlinear systems, characterized by their complex and often unpredictable dynamics, are essential in various scientific and engineering applications. However, accurately modeling these systems remains challenging due to their nonlinearity, high-dimensional interactions, and the privacy concerns inherent in data-sensitive domains. Existing federated learning approaches struggle to model such complex behaviors, particularly due to their inability to capture high-dimensional interactions and their failure to maintain privacy while ensuring robust model performance. This paper presents a novel federated learning framework for the robust approximation of nonlinear systems, addressing these challenges by integrating differential privacy to protect sensitive data without compromising model utility. The proposed framework enables decentralized training across multiple clients, ensuring privacy through differential privacy mechanisms that mitigate risks of information leakage via gradient updates. Advanced neural network architectures are employed to effectively approximate nonlinear dynamics, with stability and scalability ensured by rigorous theoretical analysis. We compare our approach with both centralized and decentralized federated models, highlighting the advantages of our framework, particularly in terms of privacy preservation. Comprehensive experiments on benchmark datasets, such as the Lorenz system and real-world climate data, demonstrate that our federated model achieves comparable accuracy to centralized approaches while offering strong privacy guarantees. The system efficiently handles data heterogeneity and dynamic nonlinear behavior, scaling well with both the number of clients and model complexity. These findings demonstrate a pathway for the secure and scalable deployment of machine learning models in nonlinear system modeling, effectively balancing accuracy, privacy, and computational performance. Full article

The emergence of the Internet of Things (IoT) technologies has greatly enhanced the lives of individuals with disabilities by leveraging radio frequency identification (RFID) systems to improve autonomy and access to essential services. However, these advancements also pose significant security risks, particularly through side-channel attacks that exploit weaknesses in the design and operation of RFID tags and readers, potentially jeopardizing sensitive information. To combat these threats, several solutions have been proposed, including advanced cryptographic protocols built on cryptographic algorithms such as elliptic curve cryptography. While these protocols offer strong protection and help minimize data leakage, they often require substantial computational resources, making them impractical for low-cost RFID tags. Therefore, it is essential to focus on the efficient implementation of cryptographic algorithms, which are fundamental to most encryption systems. Cryptographic algorithms primarily depend on various finite field operations, including field multiplication, field inversion, and field division. Among these operations, field multiplication is especially crucial, as it forms the foundation for executing other field operations, making it vital for the overall performance and security of the cryptographic framework. The method of implementing field multiplication operation significantly influences the system’s resilience against side-channel attacks; for instance, implementation using unidirectional systolic array structures can provide enhanced error detection capabilities, improving resistance to side-channel attacks compared to traditional bidirectional multipliers. Therefore, this research aims to develop a novel unidirectional systolic array structure for the Dickson basis multiplier, which is anticipated to achieve lower space and power consumption, facilitating the efficient and secure implementation of computationally intensive cryptographic algorithms in RFID systems with limited resources. This advancement is crucial as RFID technology becomes increasingly integrated into various IoT applications for individuals with disabilities, including secure identification and access control. Full article

Flight operations data play a central role in ensuring flight safety, optimizing operations, and driving innovation. However, these data have become a key target for cyber-attacks, and are especially vulnerable to property inference attacks. Aiming at property inference attacks in shared application model training, we proposed FedMeta-CTGAN, a novel approach that leverages federated meta-learning and conditional tabular generative adversarial networks (CTGANs) to protect flight operations data. Motivated by the need for secure data sharing in aviation, as highlighted by the Federal Aviation Administration’s requirement for ADS-B Out equipment on aircraft to create a shared situational awareness environment, our method aims to prevent sensitive information leakage while maintaining model performance. FedMeta-CTGAN exploits the natural privacy-preserving properties of a two-stage update in meta-learning, using real data to train the CTGAN model and synthetic fake data as query data during meta-training. Comprehensive experiments using a real flight operation dataset demonstrate the effectiveness of our proposed method. FedMeta-CTGAN adapts quickly to unbalanced data, achieving a prediction accuracy of 96.33%, while reducing the attacker’s inference AUC score to 0.51 under property inference attacks. Our contribution lies in the development of a secure and efficient data-sharing solution for flight operations data, which has the potential to revolutionize the aviation industry. Full article

Trajectory data are embedded within driving paths, GPS positioning systems, and mobile signaling information. A vast amount of trajectory data play a crucial role in the development of smart cities. However, these trajectory data contain a significant amount of sensitive user information, which poses a substantial threat to personal privacy. In this work, we have constructed an internal secure information granule model based on differential privacy to ensure the secure sharing and analysis of trajectory data. This model deeply integrates granular computing with differential privacy, addressing the issue of privacy leakage during the sharing of trajectory data. We introduce the Laplace mechanism during the granulation of information granules to ensure data security, and the flexibility at the granularity level provides a solid foundation for subsequent data analysis. Meanwhile, this work demonstrates the practical applications of the solution for the secure sharing of trajectory data. It integrates trajectory data with economic data using the Takagi–Sugeno fuzzy rule model to fit and predict regional economies, thereby verifying the feasibility of the granular computing model based on differential privacy and ensuring the privacy and security of users’ trajectory information. The experimental results show that the information granule model based on differential privacy can more effectively enable data analysis. Full article

In today’s volatile supply chain (SC) environment, competition has shifted beyond individual companies to the entire SC ecosystem. Reducing overall SC costs is crucial for success and benefits all participants. One effective approach to achieve this is through digital transformation, enhancing SC coordination via information sharing, and establishing decision policies among entities. However, the risk of unauthorized leakage of sensitive information poses a significant challenge. We aim to propose a Privacy-preserving Multi-agent Reinforcement Learning (PMaRL) method to enhance SC visibility, coordination, and performance during inventory management while effectively mitigating the risk of information leakage by leveraging machine learning techniques. The SC inventory policies are optimized using multi-agent reinforcement learning with additional SC connectivity information to improve training performance. The simulation-based evaluation results illustrate that the PMaRL method surpasses traditional optimization methods in achieving cost performance comparable to full visibility methods, all while preserving privacy. This research addresses the dual objectives of information security and cost reduction in SC inventory management, aligning with the broader trend of digital transformation. Full article

Federated learning avoids centralizing data in a central server by distributing the model training process across devices, thus protecting privacy to some extent. However, existing research shows that model updates (e.g., gradients or weights) exchanged during federated learning may still indirectly leak sensitive information about the original data. Currently, single-key homomorphic encryption methods applied in federated learning cannot solve the problem of privacy leakage that may be caused by the collusion between the participant and the federated learning server, whereas existing privacy-preserving federated learning schemes based on multi-key homomorphic encryption in semi-honest environments have deficiencies and limitations in terms of security and application conditions. To this end, this paper proposes a privacy-preserving federated learning scheme based on multi-key fully homomorphic encryption to cope with the potential risk of privacy leakage in traditional federated learning. We designed a multi-key fully homomorphic encryption scheme, mMFHE, that encrypts by aggregating public keys and requires all participants to jointly participate in decryption sharing, thus ensuring data security and privacy. The proposed privacy-preserving federated learning scheme encrypts the model updates through multi-key fully homomorphic encryption, ensuring confidentiality under the CRS model and in a semi-honest environment. As a fully homomorphic encryption scheme, mMFHE supports homomorphic addition and homomorphic multiplication for more flexible applications. Our security analysis proves that the scheme can withstand collusive attacks by up to $N-1$ users and servers, where N is the total number of users. Performance analysis and experimental results show that our scheme reduces the complexity of the NAND gate, which reduces the computational load and improves the efficiency while ensuring the accuracy of the model. Full article

Modern computing systems are primarily designed for maximum performance, which inadvertently introduces vulnerabilities at the micro-architecture level. While cache side-channel analysis has received significant attention, other Central Processing Units (CPUs) components like the Translation Lookaside Buffer (TLB) can also be exploited to leak sensitive information. This paper focuses on the TLB, a micro-architecture component that is vulnerable to side-channel attacks. Despite the coarse granularity at the page level, advancements in tools and techniques have made TLB information leakage feasible. The primary goal of this study is not to demonstrate the potential for information leakage from the TLB but to establish a comprehensive framework to reverse engineer the TLB configuration, a critical aspect of side-channel analysis attacks that have previously succeeded in extracting sensitive data. The methodology involves detailed reverse engineering efforts on Intel CPUs, complemented by analytical tools to support TLB reverse engineering. This study successfully reverse-engineered the TLB configurations for Intel CPUs and introduced visual tools for further analysis. These results can be used to explore TLB vulnerabilities in greater depth. However, when attempting to apply the same methodology to the IBM Power9, it became clear that the methodology was not transferable, as mapping functions and performance counters vary across different vendors. Full article

For information security, entity and relation extraction can be applied in sensitive information protection, data leakage detection, and other aspects. The current approaches to entity relation extraction not only ignore the relevance and dependency between name entity recognition and relation extraction but also may result in the cumulative propagation of errors. To solve this problem, it is proposed that an end-to-end joint entity and relation extraction model based on the Attention mechanism and Graph Convolutional Network (GCN) to simultaneously extract named entities and their relationships. The model includes three parts: the detection of entity span, the construction of an entity relation weighted graph, and the inference of entity relation type. Firstly, the detection of entity spans is viewed as a sequence labeling problem, and a multi-feature fusion approach for word embedding representation is designed to calculate all entity spans in a sentence to form an entity span matrix. Secondly, the entity span matrix is employed in the Multi-Head Attention mechanism for constructing the weighted adjacency matrix of the entity relation graph. Finally, for the inference of entity relation type, considering the interaction between entities and relations, the entity span matrix and relation connection matrix are simultaneously fed into the GCN for integrated extraction of entities and relations. Our model is evaluated on the public NYT dataset, attaining a precision of 66.4%, a recall of 63.1%, and an F1 score of 64.7% for joint entity and relation extraction, significantly outperforming other approaches. Experiments demonstrate that the proposed model is helpful for inferring entities and relations, considering the interaction between entities and relations through the Attention mechanism and GCN. Full article

This paper tackles the critical issue of privacy in Natural Language Processing (NLP) systems that process sensitive data by introducing a novel framework combining differential privacy and adversarial training. The proposed solution ensures formal privacy guarantees by minimizing the influence of individual data points on the model’s behavior, effectively preventing information leakage. Simultaneously, adversarial training is applied to strengthen model robustness against privacy attacks by exposing it to adversarial examples during training. The framework is rigorously evaluated across various NLP tasks, demonstrating its capability to balance privacy preservation with high utility effectively. These results mark a significant advancement in developing secure and reliable NLP systems, particularly for applications requiring stringent data confidentiality, such as healthcare and finance. Full article

Side-channel attacks (SCAs) are powerful techniques used to recover keys from electronic devices by exploiting various physical leakages, such as power, timing, and heat. Although heat is one of the less frequently analyzed channels due to the high noise associated with thermal traces, it poses a significant and growing threat to the security of very large-scale integrated (VLSI) microsystems, particularly system in package (SiP) technologies. Thermal side-channel attacks (TSCAs) exploit temperature variations, risking not only hardware damage from excessive heat dissipation but also enabling the extraction of sensitive data, like cryptographic keys, by observing thermal patterns. This dual threat underscores the need for a synergistic approach to thermal management and security in designing integrated microsystems. In response, this paper presents a novel approach that improves the early detection of abnormal thermal fluctuations in SiP designs, preventing cybercriminals from exploiting such anomalies to extract sensitive information for malicious purposes. Our approach employs a new concept called Thermal Digital Twin (TDT), which integrates two previously separate methods and techniques, resulting in successful outcomes. It combines the gradient direction sensor scan (GDSSCAN) to capture thermal data from the physical field programmable gate array (FPGA), which guarantees rapid thermal scan with a measurement period that could be close to $10 \mathsf{\mu }\mathrm{s},$ a resolution of ${0.5 }^{\circ }$C, and a temperature range from −${40 }^{\circ }$C to ${140 }^{\circ }$C; once the data are transmitted in real time to a Digital Twin created in COMSOL Multiphysics^® 6.0 for simulation using the Finite Element Method (FEM), the real time required by the CPU to perform all the necessary calculations can extend to several seconds or minutes. This integration allows for a detailed analysis of thermal transfer within the SiP model of our FPGA. Implementation and simulations demonstrate that the Thermal Digital Twin (TDT) approach could reduce the risks associated with TSCA by a significant percentage, thereby enhancing the security of FPGA systems against thermal threats. Full article

In order to comprehensively understand the complex fracture mechanisms in thick and loose sandstone formations, we have carefully developed a coupled finite element numerical model that captures the complex interactions between fluid flow and solid deformation. This model is the cornerstone of our future exploration. Based on this model, the crack propagation problem of hydraulic fracturing under different engineering and geological conditions was studied. In addition, we conducted in-depth research on the key factors that shape the geometry of hydraulic fractures, revealing their subtle differences and complexities. It is worth noting that the sharp contrast between the stress profile and mechanical properties between the production layer and the boundary layer often leads to fascinating phenomena, such as the vertical merging of hydraulic fracture propagation. The convergence of cracks originating from adjacent layers is a recurring theme in these strata. Sensitivity analysis clarified our understanding, revealing that increased elastic modulus promotes longer crack propagation paths. As the elastic modulus increases from 12 GPa to 18 GPa, overall, the maximum crack width slightly decreases, with a less than 10% reduction rate. The increased fluid leakage rate will significantly shorten the length and width of hydraulic fractures (with a maximum decrease of over 70% in fracture width). The increase in viscosity of fracturing fluid causes a change in fracture morphology, with a reduction in length of about 32% and an increase in fracture width of about 25%. It is worth noting that as the leakage rate of fracturing fluid increases, the importance of the viscosity of fracturing fluid decreases relatively. Strategies such as increasing fluid viscosity or adding anti-filtration agents can alleviate these challenges and improve the efficiency of fracturing fluids. In summary, our research findings provide valuable insights that can provide information and optimization for hydraulic fracturing filling and fracturing strategies in loose sandstone formations, promoting more efficient and influential oil and gas extraction work. Full article

Physical side-channel attacks utilize power, electromagnetic (EM), or timing signatures from cryptographic implementations during operation to retrieve sensitive information from security-critical devices. This paper provides a comprehensive review of these potent attacks against cryptographic hardware implementations, with a particular emphasis on pre-silicon leakage assessment methodologies. We explore the intricacies of cryptographic algorithms, various side-channel attacks, and the latest mitigation techniques. Although leakage assessment techniques are widely adopted in the post-silicon phase, pre-silicon leakage assessment is an emerging field that addresses the inherent limitations of its post-silicon counterpart. We scrutinize established post-silicon techniques and provide a detailed comparative analysis of pre-silicon leakage assessment across different abstraction levels in the hardware design and verification flow. Furthermore, we categorize and discuss existing pre-silicon power and electromagnetic modeling techniques for leakage detection and mitigation that can be integrated with electronic design automation (EDA) tools to automate security assessments. Lastly, we offer insights into the future trajectory of physical side-channel leakage assessment techniques in the pre-silicon stages, highlighting the need for further research and development in this critical area of cybersecurity. Full article

Smart grids generate an immense volume of load data. When analyzed using intelligent technologies, these data can significantly improve power load management, optimize energy distribution, and support green energy conservation and emissions reduction goals. However, in the process of data utilization, a pertinent issue arises regarding potential privacy leakage concerning both regional and individual user power load data. This paper addresses the scenario of outsourcing computational tasks for regional power load forecasting in smart grids, proposing a regional-level load forecasting solution based on secure outsourcing computation. Initially, the scheme designs a secure outsourcing training protocol to carry out model training tasks while ensuring data security. This protocol guarantees that sensitive information, including but not limited to individual power consumption data, remains comprehensively safeguarded throughout the entirety of the training process, effectively mitigating any potential risks of privacy infringements. Subsequently, a secure outsourcing online prediction protocol is devised, enabling efficient execution of prediction tasks while safeguarding data privacy. This protocol ensures that predictions can be made without compromising the privacy of individual or regional power load data. Ultimately, experimental analysis demonstrates that the proposed scheme meets the requirements of privacy, accuracy, and timeliness for outsourcing computational tasks of load forecasting in smart grids. Full article

This paper evaluated deployment efficiency by comparing manual deployment with automated deployment through a CI/CD pipeline using Jenkins. This study involved moving from a manual deployment process to an automated system using Jenkins and experimenting with both deployment methods in a real-world environment. The results showed that the automated deployment system significantly reduced the deployment time compared to manual deployment and significantly reduced the error rate. Manual deployment required human intervention at each step, making it time-consuming and prone to mistakes, while automated deployment using Jenkins automated each step to ensure consistency and maximized time efficiency through parallel processing. Automated testing verified the stability of the code before deployment, minimizing errors. This study demonstrates the effectiveness of adopting a CI/CD pipeline and shows that automated systems can provide high efficiency in real-world production environments. It also highlights the importance of security measures to prevent sensitive information leakage during CI/CD, suggesting the use of secrecy management tools and environment variables and limiting access rights. This research will contribute to exploring the applicability of CI/CD pipelines in different environments and, in doing so, validate the universality of automated systems. Full article