Search Results (24)

This research presents a novel framework and experimental results that combine zero-knowledge proofs (ZKPs) with private blockchain technology to safeguard whistleblower privacy while ensuring secure digital evidence submission and verification. For example, whistleblowers involved in corporate fraud cases can submit sensitive financial records anonymously while maintaining the credibility of the evidence. The proposed framework introduces several key innovations, including a private blockchain implementation utilising proof-of-work (PoW) consensus to ensure immutable storage and thorough scrutiny of submitted evidence, with mining difficulty dynamically aligned to the sensitivity of the data. It also features an adaptive difficulty mechanism that automatically adjusts computational requirements based on the sensitivity of the evidence, providing tailored protection levels. In addition, a unique two-phase validation process is incorporated, which generates a digital signature from the evidence alongside random challenges, significantly improving security and authenticity. The integration of ZKPs enables iterative hash-based verification between parties (Prover and Verifier) while maintaining the complete privacy of the source data. This research investigates the whistleblower’s niche in traditional digital evidence management systems (DEMSs), prioritising privacy without compromising evidence integrity. Experimental results demonstrate the framework’s effectiveness in preserving anonymity while assuring the authenticity of the evidence, making it useful for judicial systems and organisations handling sensitive disclosures. This paper signifies notable progress in secure whistleblowing systems, offering a way to juggle transparency with informant confidentiality. Full article

This paper proposes a novel federated recommendation framework that incorporates differential privacy to safeguard user privacy without compromising on the accuracy of recommendations. Unlike conventional recommendation systems that centralize user data, leading to potential privacy breaches, our framework ensures that user data remain on local devices. It leverages a federated learning approach, where a global model is trained across multiple devices without exchanging raw data. To enhance privacy protection, we integrate a specially designed differential privacy algorithm that adds carefully calibrated noise to the aggregated data updates. This mechanism ensures that the global model cannot be exploited to infer individual user information. We evaluate our framework on two real-world datasets, one from the e-commerce sector and another from the multimedia content recommendation domain. The results exhibit that our framework achieves competitive recommendation accuracy compared to traditional centralized approaches, with minimal loss in precision and recall metrics, while significantly enhancing user privacy. Our work stands as a testament to the feasibility of creating recommendation systems that do not have to choose between privacy and performance, paving the way for more ethical AI applications in sensitive domains. Full article

The Internet of Vehicles (IoV) has a significant impact on improving traffic efficiency and driving safety. In this paper, we propose an intelligent transportation credit system based on blockchain, and design a crossroad passing smart contract that allows time-sensitive convoys to pass a crossroad earlier by paying traffic tokens for right-of-way trade. Second, this paper formulates the time–cost optimization problem under the premise of protecting the privacy of preceding convoys. Based on game theory with incomplete information, two right-of-way optimal bid strategies are given. Both theoretical analysis and simulation prove that the strategy proposed in this paper effectively reduces the waiting time of time-sensitive vehicles at a crossroad and increases the trade success probability, which, in turn, improves the expected total profit of convoys and achieves Pareto improvement. Full article

Location privacy is an important parameter to be addressed in the case of vehicular ad hoc networks. Each vehicle frequently communicates with location-based services to find the nearest location of interest. The location messages communicated with the location server may contain sensitive information like vehicle identity, location, direction, and other headings. A Location-Based Services (LBS) server is not a trusted entity; it can interact with an adversary, compromising the location information of vehicles on the road and providing a way for an adversary to extract the future location tracks of a target vehicle. The existing works consider two or three neighboring vehicles as a virtual shadow to conceal location information. However, they did not fully utilize the semantic location information and pseudonym-changing process, which reduces the privacy protection level. Moreover, a lot of dummy location messages are generated that increase overheads in the network. To address these issues, we propose a Semantic Group Obfuscation (SGO) technique that utilizes both location semantics as well as an efficient pseudonym-changing scheme. SGO creates groups of similar status vehicles on the road and selects random position coordinates for communication with the LBS server. It hides the actual location of a target vehicle in a vicinity. The simulation results verify that the proposed scheme SGO improves the anonymization and entropy of vehicles, and it reduces the location traceability and overheads in the network in terms of computation cost and communication cost. The cost of overhead is reduced by 55% to 65% compared with existing schemes. We also formally model and specify SGO using High-Level Petri Nets (HLPNs), which show the correctness and appropriateness of the scheme. Full article

The rapid development of telemedicine technology has brought great convenience to people’s lives. Alongside generating great convenience, protecting patients’ privacy has become increasingly important. Therefore, to solve the above problems, this paper proposes a quantum privacy query protocol based on GHZ-like states. The protocol first utilizes existing diagnostic information for classification to encode symptom attributes. Then, the correlation after measurement using GHZ-like entangled states is utilized so that the querying party can only obtain a key message with the assistance of a third party. Through the above operation, the database cannot know the address of the message queried by the querying party, and the querying party is also unable to obtain more information. The protocol not only adds decoy factor detection but also adds the process of authentication while checking for illegal eavesdropping. It makes the protocol sufficiently resistant to joint attacks, participant attacks, and external system credit attacks. This database privacy query protocol ensures that the database service is more effective and its environment is more secure. Full article

Knowledge-Defined Networking (KDN) necessarily consists of a knowledge plane for the generation of knowledge, typically using machine learning techniques, and the dissemination of knowledge, in order to make knowledge-driven intelligent network decisions. In one way, KDN can be recognized as knowledge-driven Software-Defined Networking (SDN), having additional management and knowledge planes. On the other hand, KDN encapsulates all knowledge-/intelligence-/ cognition-/machine learning-driven networks, emphasizing knowledge generation (KG) and dissemination for making intelligent network decisions, unlike SDN, which emphasizes logical decoupling of the control plane. Blockchain is a technology created for secure and trustworthy decentralized transaction storage and management using a sequence of immutable and linked transactions. The decision-making trustworthiness of a KDN system is reliant on the trustworthiness of the data, knowledge, and AI model sharing. To this point, a KDN may make use of the capabilities of the blockchain system for trustworthy data, knowledge, and machine learning model sharing, as blockchain transactions prevent repudiation and are immutable, pseudo-anonymous, optionally encrypted, reliable, access-controlled, and untampered, to protect the sensitivity, integrity, and legitimacy of sharing entities. Furthermore, blockchain has been integrated with knowledge-based networks for traffic optimization, resource sharing, network administration, access control, protecting privacy, traffic filtering, anomaly or intrusion detection, network virtualization, massive data analysis, edge and cloud computing, and data center networking. Despite the fact that many academics have employed the concept of blockchain in cognitive networks to achieve various objectives, we can also identify challenges such as high energy consumption, scalability issues, difficulty processing big data, etc. that act as barriers for integrating the two concepts together. Academicians have not yet reviewed blockchain-based network solutions in diverse application categories for diverse knowledge-defined networks in general, which consider knowledge generation and dissemination using various techniques such as machine learning, fuzzy logic, and meta-heuristics. Therefore, this article fills a void in the content of the literature by first reviewing the diverse existing blockchain-based applications in diverse knowledge-based networks, analyzing and comparing the existing works, describing the advantages and difficulties of using blockchain systems in KDN, and, finally, providing propositions based on identified challenges and then presenting prospects for the future. Full article

An Internet of Things (IoT) network is prone to many ways of threatening individuals. IoT sensors are lightweight, lack complicated security protocols, and face threats to privacy and confidentiality. Hackers can attack the IoT network and access personal information and confidential data for blackmailing, and negatively manipulate data. This study aims to propose an IoT threat protection system (IoTTPS) to protect the IoT network from threats using an ensemble model RKSVM, comprising a random forest (RF), K nearest neighbor (KNN), and support vector machine (SVM) model. The software-defined networks (SDN)-based IoT network datasets such as KDD cup 99, NSL-KDD, and CICIDS are used for threat detection based on machine learning. The experimental phase is conducted by using a decision tree (DT), logistic regression (LR), Naive Bayes (NB), RF, SVM, gradient boosting machine (GBM), KNN, and the proposed ensemble RKSVM model. Furthermore, performance is optimized by adding a grid search hyperparameter optimization technique with K-Fold cross-validation. As well as the NSL-KDD dataset, two other datasets, KDD and CIC-IDS 2017, are used to validate the performance. Classification accuracies of 99.7%, 99.3%, 99.7%, and 97.8% are obtained for DoS, Probe, U2R, and R2L attacks using the proposed ensemble RKSVM model using grid search and cross-fold validation. Experimental results demonstrate the superior performance of the proposed model for IoT threat detection. Full article

The cyberspace depicts an increasing number of difficulties related to security, especially in healthcare. This is evident from how vulnerable critical infrastructures are to cyberattacks and are unprotected against cybercrime. Users, ideally, should maintain a good level of cyber hygiene, via regular software updates and the development of unique passwords, as an effective way to become resilient to cyberattacks. Cyber security breaches are a top priority, and most users are aware that their behaviours may put them at risk; however, they are not educated to follow best practices, such as protecting their passwords. Mass cyber education may serve as a means to offset poor cyber security behaviours; however, mandatory education becomes a questionable point if the content is not focused on human factors, using human-centric approaches and taking into account end users’ behaviours, which is currently the case. The nature of the present paper is largely exploratory, and the purpose is two-fold: To present and explore the cyber hygiene definition, context and habits of end users in order to strengthen our understanding of users. Our paper reports the best practices that should be used by healthcare organisations and healthcare professionals to maintain good cyber hygiene and how these can be applied via a healthcare use case scenario to increase awareness related to data privacy and cybersecurity. This is an issue of great importance and urgency considering the rapid increase of cyberattacks in healthcare organisations, mainly due to human errors. Further to that, based on human-centric approaches, our long-term vision and future work involves facilitating the development of efficient practices and education associated with cybersecurity hygiene via a flexible, adaptable and practical framework. Full article

With the continuous development of communication technology, drones are playing an important role in many fields, such as power transmission line inspection and agricultural pesticide spraying. In order to protect the data privacy and communication security of drones, many experts are considering blockchain as its enabling technology. However, due to their small size and limited power storage, drones cannot support energy-intensive blockchain applications. In addition, the future 6G communications need to implement an important key performance indicator, namely extremely low-power communications (ELPCs). As a consequence, research into green blockchain is becoming more and more popular. The broadcast of the blockchain is one of the most energy-intensive parts because it entails flooding and there are a lot of unnecessary communication processes. Therefore, in order to make blockchain more suitable for ELPC requirements in 6G communications and unmanned aerial vehicle (UAV) networks, we took the blockchain broadcast as an improvement candidate and designed LECast, a low-energy-consumption protocol. LECast first analyzes the energy consumption model of the communication between two drones and constructs the shortest-path broadcast tree (SPB Tree) for the UAV networks to minimize energy consumption. Meanwhile, to make the sending drone address the receiving drone in a more convenient way, we proposed an extended Huffman coding (EHC) scheme to name the drones. Furthermore, the other issues with the broadcast tree are reliability and security. When a channel fails, subsequent drones cannot smoothly receive the transaction or block data. As a result, we introduced multichannel transmission with splitting data (MTSD); that is, the transaction or block data are divided into segments and transmitted in parallel multiple times over multiple channels. Finally, through the analysis and simulation of LECast in terms of energy consumption, latency, throughput, reliability, security, and coverage rate, the advantages of LECast were confirmed, which could meet the requirements of ELPCs and be well applied to UAV networks. Full article

Coronavirus Disease 2019 (COVID-19) is still a threat to global health and safety, and it is anticipated that deep learning (DL) will be the most effective way of detecting COVID-19 and other chest diseases such as lung cancer (LC), tuberculosis (TB), pneumothorax (PneuTh), and pneumonia (Pneu). However, data sharing across hospitals is hampered by patients’ right to privacy, leading to unexpected results from deep neural network (DNN) models. Federated learning (FL) is a game-changing concept since it allows clients to train models together without sharing their source data with anybody else. Few studies, however, focus on improving the model’s accuracy and stability, whereas most existing FL-based COVID-19 detection techniques aim to maximize secondary objectives such as latency, energy usage, and privacy. In this work, we design a novel model named decision-making-based federated learning network (DMFL_Net) for medical diagnostic image analysis to distinguish COVID-19 from four distinct chest disorders including LC, TB, PneuTh, and Pneu. The DMFL_Net model that has been suggested gathers data from a variety of hospitals, constructs the model using the DenseNet-169, and produces accurate predictions from information that is kept secure and only released to authorized individuals. Extensive experiments were carried out with chest X-rays (CXR), and the performance of the proposed model was compared with two transfer learning (TL) models, i.e., VGG-19 and VGG-16 in terms of accuracy (ACC), precision (PRE), recall (REC), specificity (SPF), and F1-measure. Additionally, the DMFL_Net model is also compared with the default FL configurations. The proposed DMFL_Net + DenseNet-169 model achieves an accuracy of 98.45% and outperforms other approaches in classifying COVID-19 from four chest diseases and successfully protects the privacy of the data among diverse clients. Full article

Performing location-based services in a secure and efficient manner that remains a huge challenge for the Internet of Vehicles with numerous privacy and security risks. However, most of the existing privacy protection schemes are based on centralized location servers, which makes them all have a common drawback of a single point of failure and leaking user privacy. The employment of anonymity and cryptography is a well-known solution to the above problem, but its expensive resource consumption and complex cryptographic operations are difficult problems to solve. Based on this, designing a distributed and privacy-secure privacy protection scheme for the Internet of Vehicles is an urgent issue for the smart city. In this paper, we propose a privacy protection scheme for the Internet of Vehicles based on privacy set intersection. Specially, using privacy set intersection and blockchain techniques, we propose two protocols, that is, a dual authentication protocol and a service recommendation protocol. The double authentication protocol not only ensures that both communicating parties are trusted users, but also ensures the reliability of their session keys; while the service recommendation protocol based on pseudorandom function and one-way hash function can well protect the location privacy of users from being leaked. Finally, we theoretically analyze the security that this scheme has, i.e., privacy security, non-repudiation, and anti-man-in-the-middle attack. Full article

Before the transaction data in the blockchain is successfully linked, its signature must be publicly verified by a large number of nodes in the blockchain, which is also one of the ways to leak transaction information. To alleviate the contradiction between the public verifiability of signatures and the protection of transaction privacy, we introduce a verifiably encrypted signature scheme into the blockchain. A verifiably encrypted signature scheme contains two parts of signature information: the encrypted signature is used for public verification, and the ordinary signature is used for internal verification. To reach this goal even better, we design a new lattice-based verifiably encrypted signature scheme, which separates the parameter settings of the signer and the adjudicator, and replaces the Gaussian sampling algorithm with a small range of uniform random sampling, achieving better efficiency and security. Full article

Increasing systematic carbon sinks and clean energy generation proportion are the main ways to reduce the carbon emission of power system. In order to promote wind power accommodation and reduce system carbon emissions, a cooperative operation model of wind turbine and carbon capture power plant (CCPP) is constructed. Then, the model is equivalently transformed into two sub-problems. One is the operation optimization sub-problem of cooperative alliance with the goal of maximizing the alliance benefit. The other is the benefit distribution sub-problem with the goal of fair distributing cooperative benefit. To protect participants’ privacy, the alternating direction method of multipliers (ADMM) is used to realize the distributed solution of the two sub-problems. Finally, the effectiveness of the proposed model is verified by an example, and the sensitivity analysis of the alliance benefit and system carbon emission is carried out with carbon price and carbon capture cost as the sensitivity factors. The example results show that: (1) By providing up and down regulation services to wind turbines, CCPP can obtain ancillary service income and help to reduce the declaration deviation of wind turbines, which can realize multi-win-win situation. (2) Carbon price affects both thermal power units and carbon capture equipment. So, compared with carbon costs, the carbon emissions and the alliance benefit are both more sensitive to carbon price. The model of the paper is constructed under the deviation punishment mechanism, and subsequent research can be expanded in combination with a more detailed imbalance settlement mechanism. Full article

The paper presents the construction of a proof-of-concept for a distributed and decentralized e-voting application in an IoT embedded device with the help of blockchain technology. A SoC board was used as an IoT embedded device for testing the PoC. This solution ensures complete voter anonymity and end-to-end security for all entities participating in the electronic voting process. The paper outlines the solution’s two layers. Implementation details are presented for the e-voting application, which was deployed inside of an IoT embedded device. The solution and presented protocols provide two major properties: privacy and verifiability. To ensure privacy, the proposed solution protects the secrecy of each electronic vote. As for implementing verifiability, the solution prevents a corrupt authority from faking in any way the process of counting the votes. Both properties are achieved in the presented solution e-VoteD-App. Full article

Introduction: Recently, the tendency of artificial intelligence (AI) and big data use/applications has been rapidly expanding across the globe, improving people’s lifestyles with data-driven services (i.e., recommendations, smart healthcare, etc.). The synergy between AI and big data has become imperative considering the drastic growth in personal data stemming from diverse sources (cloud computing, IoT, social networks, etc.). However, when data meet AI at some central place, it invites unimaginable privacy issues, and one of those issues is group privacy. Despite being the most significant problem, group privacy has not yet received the attention of the research community it is due. Problem Statement: We study how to preserve the privacy of particular groups (a community of people with some common attributes/properties) rather than an individual in personal data handling (i.e., sharing, aggregating, and/or performing analytics, etc.), especially when we talk about groups purposely made by two or more people (with clear group identifying markers), for whom we need to protect their privacy as a group. Aims/Objectives: With this technical letter, our aim is to introduce a new dimension of privacy (e.g., group privacy) from technical perspectives to the research community. The main objective is to advocate the possibility of group privacy breaches when big data meet AI in real-world scenarios. Methodology: We set a hypothesis that group privacy (extracting group-level information) is a genuine problem, and can likely occur when AI-based techniques meet high dimensional and large-scale datasets. To prove our hypothesis, we conducted a substantial number of experiments on two real-world benchmark datasets using AI techniques. Based on the experimental analysis, we found that the likelihood of privacy breaches occurring at the group level by using AI techniques is very high when data are sufficiently large. Apart from that, we tested the parameter effect of AI techniques and found that some parameters’ combinations can help to extract more and fine-grained data about groups. Findings: Based on experimental analysis, we found that vulnerability of group privacy can likely increase with the data size and capacity of the AI method. We found that some attributes of people can act as catalysts in compromising group privacy. We suggest that group privacy should also be given due attention as individual privacy is, and robust tools are imperative to restrict implications (i.e., biased decision making, denial of accommodation, hate speech, etc.) of group privacy. Significance of results: The obtained results are the first step towards responsible data science, and can pave the way to understanding the phenomenon of group privacy. Furthermore, the results contribute towards the protection of motives/goals/practices of minor communities in any society. Concluding statement: Due to the significant rise in digitation, privacy issues are mutating themselves. Hence, it is vital to quickly pinpoint emerging privacy threats and suggest practical remedies for them in order to mitigate their consequences on human beings. Full article