Communication and Information Security

Session CIS-01

Data Privacy

Conference
1:30 PM — 3:00 PM CST
Local
Aug 9 Sun, 10:30 PM — 12:00 AM PDT

Invited Paper: Privacy-Preserving Multilayer In-Band Network Telemetry and Data Analytics

Xiaoqin Pan, Shaofei Tang and Zuqing Zhu (University of Science and Technology of China, China)

0
As a new paradigm for the monitoring and troubleshooting of backbone networks, the multilayer in-band network telemetry (ML-INT) with deep learning (DL) based data analytics (DA) has recently been proven to be effective on real-time visualization and fine-grained monitoring. However, the existing studies on ML-INT\&DA systems have overlooked the privacy and security issues, i.e., a malicious party can apply tapping in the data reporting channels between the data and control planes to illegally obtain plaintext ML-INT data in them. In this paper, we discuss a privacy-preserving DL-based ML-INT&DA system for realizing AI-assisted network automation in backbone networks in the form of IP-over-Optical. We first show a lightweight encryption scheme based on integer vector homomorphic encryption (IVHE), which is used to encrypt plaintext ML-INT data. Then, we architect a DL model for anomaly detection, which can directly analyze the ciphertext ML-INT data. Finally, we present the implementation and experimental demonstrations of the proposed system. The privacy-preserving DL-based ML-INT&DA system is realized in a real IP over elastic optical network (IP-over-EON) testbed, and the experimental results verify the feasibility and effectiveness of our proposal.

Enhanced p-Sensitive k-Anonymity Models for Achieving Better Privacy

Nan Wang, Haina Song, Tao Luo, Jinkao Sun and Jianfeng Li (Beijing University of Posts and Telecommunications, China)

0
To our best knowledge, the p-sensitive k-anonymity model is a sophisticated model to resist link attacks and homogeneous attacks in data publishing. However, if the distribution of sensitive values is skew, the model is difficult to defend against skew attacks and even faces sensitive attacks. In practice, the privacy requirements of different sensitive values are not always identical. The "one size fits all" unified privacy protection level may cause unnecessary information loss. To address these problems, the paper quantifies privacy requirements with sensitivity and concerns more about sensitive groups. Two enhanced anonymous models with personalized protection characteristic, that is, (p,¦Áisg)-sensitive k-anonymity model and (pi,¦Áisg)-sensitive k-anonymity model, are then proposed to resist skew attacks and sensitive attacks. Furthermore, two clustering algorithms with global search and local search are designed to implement our models. Experiment results show that the two enhanced models have outstanding advantages in better privacy at the expense of a little data utility.

Efficient privacy-preserving searchable encryption scheme based on reversible sorting policy in cloud storage

Cao Laicheng, Qirui Wu, Yafei Wang and Guo Xian (School of Computer and Communication, Lanzhou University of Technology, China)

0
Searchable encryption technology gives an effective mechanism for securely searching encrypted data in cloud storage. Recently, the searchable encryption application based on the ciphertext-policy attribute-based encryption (CP-ABE) has become the research focus. However, the computation time of the current CP-ABE schemes are large and the time cost of the users is high. In this paper, we propose a CP-ABE searchable encryption (CP-ABE-SE) scheme based on the reversible sorting algorithm in cloud storage. The data owner only needs to do the data sorting computation on his own data, while the encryption operation that costs more system resources is handed over to the cloud server with powerful computing resources. Similarly, when the data user has searched for the ciphertext, the cloud server first performs the pre-decryption operation, and then the data user can get the searched data plaintext by the reversible sorting operation, which costs less computing resources of the data user. Based on CP-ABE scheme, the trusted authority uses the attributes of the data user and cloud server provider (CSP) to generate their access control private key, which is used to compute the search trapdoor. Only when the search trapdoor matches the keyword ciphertext, the CSP can return the searched data ciphertext. Security proof results show that our scheme has privacy preserving. And the theory and experiments analysis results demonstrate that our scheme can reduce the computation time cost of the data user and the data owner effectively.

Dual Privacy-Preserving Health Data Aggregation Scheme Assisted by Medical Edge Computing

Chengzhe Lai (Xi'an University of Posts and Telecommunications, China); Jinke Wan (Xi'an University of Posts and Telecommunications, China); Dong Zheng (Xi'an University of Posts & Telecommunications, China)

0
In the healthcare system, patients equipped with resource-limited medical devices generate a huge amount of health data. Collected from distributed medical devices, these health data has significant value for public health management. The data aggregation technique can be used to collect health data and effectively reduce communication bandwidth. However, the exiting health data aggregation schemes only retrieve the aggregated result, which constrains the usage of the aggregate function. Besides, there are some security and privacy issues, such as the disclosure of patients' identities, the attacks from malicious users, etc. In this paper, we propose a medical edge computing aided health data aggregation scheme with dual privacy preservation. Specially, the health data can be encoded to achieve recoverable health data aggregation by using Mykletun's algorithm. In addition, dynamic and traceable pseudonym technique is used to prevent the disclosure of patient identity after multiple data submissions. Furthermore, we use the reputation score to prevent attacks from malicious users. Meanwhile, fair incentive mechanism is adopted to stimulate patients to contribute their health data. To eliminate key escrow problem and improve the efficiency of authentication, the certificateless aggregate signature without pairing is utilized. Security analysis shows that our scheme can not only guarantee the privacy, confidentiality and integrity of health data, but also resist to the attacks from external and internal malicious users. Performance evaluation demonstrates that the computational cost of our scheme on the edge server and cloud server is superior to other schemes.

Private, Fair, and Verifiable Aggregate Statistics for Mobile Crowdsensing in Blockchain Era

Miao He and Jianbing Ni (Queen's University); Dongxiao Liu (University of Waterloo, Canada); Haomiao Yang (University of Electronic Science and Technology of China, China); Sherman Shen (University of Waterloo, Canada)

1
In this paper, we propose FairCrowd, a private, fair, and verifiable framework for aggregate statistics in mobile crowdsensing based on the public blockchain. In specific, mobile users are incentivized to collect and share private data values (e.g., current locations) to fulfill a commonly interested task released by a customer, and the crowdsensing server computes aggregate statistics over the values of mobile users (e.g., the most popular location) for the customer. By utilizing the ElGamal encryption, the server learns nearly nothing about the private data or the statistical result. The correctness of aggregate statistics can be publicly verified by using a new efficient and verifiable computation approach. Moreover, the fairness of incentive is guaranteed based on the public blockchain in the presence of greedy service provider, customers, and mobile users, who may launch payment-escaping, payment-reduction, free-riding, double-reporting, and Sybil attacks to corrupt reward distribution. Finally, FairCrowd is proved to achieve verifiable aggregate statistics with privacy preservation for mobile users. Extensive experiments are conducted to demonstrate the high efficiency of FairCrowd for aggregate statistics in mobile crowdsensing.

Session Chair

Chengzhe Lai, Dongfeng Fang

Session CIS-02

Network Security 1

Conference
3:10 PM — 4:40 PM CST
Local
Aug 10 Mon, 12:10 AM — 1:40 AM PDT

Coordinated Multi-Point Secure Transmissions in mmWave Cellular Networks

Hao-Wen Liu (Xi'an JiaoTong University, China); Tong-Xing Zheng (Xi'an Jiaotong Unviersity, China); Yating Wen, ShaoDi Wang, Zhaowei Wang and Hui-Ming Wang (Xi'an Jiaotong University, China)

0
In this paper, we study the coordinated multi-point secure transmissions in mmWave cellular networks against randomly distributed eavesdroppers. We analyse and optimize security performance in terms of secrecy throughput under a stochastic geometry framework. We first introduce coordinated multi-point (CoMP) transmission schemes with and without exploiting artificial noise (AN), and then derive analytical expressions for connection outage probability (COP) and secrecy outage probability (SOP) which are used to characterize transmission reliability and secrecy, respectively. Based on the obtained analytical results, we maximize the secrecy throughput subject to an SOP constraint by jointly designing transmission rates and the power allocation of the AN scheme. Numerical results are also presented to validate the theoretical analyses and to demonstrate the security performance of our proposed transmission schemes. Interestingly, our results show that the CoMP with AN can bring a remarkable improvement for secrecy throughput particularly when facing a rigorous secrecy constraint.

Hybrid Precoding Design for Security MU-MISO SWIPT Millimeter Wave Systems

Chi Zhang (ZhengZhou University, China); Zhengyu Zhu and Ning Wang (Zhengzhou University, China)

0
In this paper, we investigate the hybrid precoding design for security multi-user multi-input single-output simultaneous wireless information and power transfer (SWIPT) millimeter Wave (mmWave) system. Digital precoding and analog precoding are designed by minimizing the transmit power subject to the target security rate, the target harvested power, the total transmit power and analog precoding unit amplitude constraints. Obviously, the formulated problem is non-convex and the two sets of design variables are coupled. To deal with the complicated problem, we employ an alternating optimization method to divide the primary problem into two subproblems. Specifically, for the problem of digital precoding design, we first propose a two-layer optimization approach to solve it. To reduce the computational complexity, we further introduce a successive convex approximation approach. Then, for the problem of analog precoding design, we put forward a novel phase matching algorithm to tackle it. Analog precoding and digital precoding are iteratively calculated until convergence. Simulation results present the effectiveness of proposed hybrid precoding algorithms.

A Stigmergy Learning Approach at the Edge: Securely Cooperative Caching for Fog Radio Access Networks

Yajuan Qiao and Yang Liu (Beijing University of Posts and Telecommunications, China); Mugen Peng (Beijing University of posts & Telecommunications, China); Wenyun Chen and Falu Xiao (Beijing University of Posts and Telecommunications, China)

0
To support the rapid development of multimedia services under the Internet of Things (IoT), fog radio access network (F-RAN) has become an emerging architecture in the 5G era. In this paper, content caching in a cloud and fog heterogeneous cooperative manner for F-RAN is investigated. More specifically, we jointly consider cache placement and file transmission in F-RAN, where fog access points (F-APs) serving as collaborative caching agents to provide caching for popular files, thus reducing the traffic from cloud and improving content delivery efficiency. A file download latency minimization problem subject to the storage capacities of F-APs is formulated. A distributed learning algorithm based on a swarm collaboration framework, i.e., stigmergy which enables an F-AP to expand its influence to other F-APs is proposed to improve caching resource utilization. In addition, a double-masking protocol is proposed to guarantee the security of F-APs' locations during stigmergy learning. Extensive simulations are conducted to show the effectiveness and reliability of our proposed scheme.

Towards High-efficient QoT Prediction of Wide-area Optical Backbone Network: A Reservoir Computing View

Yingqi Li, Jialin Wang, Cai Di, Li Zhigang, Duomin Fu and Linlin Qin (North China University of Science and Technology, China)

0
Wide-area optical backbone network provides crucial support for the fifth-generation (5G) development. Precise quality of transmission (QoT) prediction is conducive to assisting in the automatic low-margin network configurations to meet the demands of the 5G network, such as high reliability, high efficiency, and low latency. At present, machine learning has been developed to capture the valuable information hidden in the QoT data, whereas it is still a challenging problem for these existing models to simultaneously ensure prediction accuracy and training efficiency. To address this issue, a novel QoT prediction method based on reservoir computing is proposed, considering echo state network and its variants. The basic idea is that nonlinearity can be dealt by means of linear regression in the high-dimension "reservoir" state space. On real-world QoT time series benchmark, the experimental results show that our proposals significantly outperform the state-of-the-art models for single-channel QoT prediction. Besides, their superiorities are reconfirmed by statistical analysis.

GATAE: Graph Attention-based Anomaly Detection on Attributed Networks

Ziquan You (Shanghai Jiao Tong Universuty, China); Xiaoying Gan and Luoyi Fu (Shanghai Jiao Tong University, China); Zhen Wang (The Third Research Institute Of The Ministry Of Public Security, China)

0
Anomaly detection on attributed network has broad applications in many practical scenarios. Most of existing methods figure out the anomaly detection task by using graph convolution networks to embed the attributed networks. However, these methods will inevitably suffer over-smoothing problems. To approach this problem, in this paper, we propose a graph attention-based autoencoder model. Firstly, we encode the attributed network with a graph attention network. The attention mechanism not only alleviate the over-smoothing problem, but also help encoder learn nodes' representation better. Secondly, we use two decoders to reconstruct the original network and obtain reconstruction errors subsequently. Thus, we are able to detect anomalies by measuring the reconstruction errors. Experiments on real-word datasets show that our proposed model has better performance than other baseline methods in AUC score.

Session Chair

Dongfeng Fang, Qichao Xu

Session CIS-03

Network Security 2

Conference
4:50 PM — 6:20 PM CST
Local
Aug 10 Mon, 1:50 AM — 3:20 AM PDT

Secure Transmission Based on Non-Overlapping AOA in Cell-Free Massive MIMO Networks

Jiahua Qiu (Army Engineering University of PLA); Kui Xu and Xiaochen Xia (Army Engineering University of PLA, China)

1
In this paper, we mainly study the secure transmission method of cell-free massive multiple-input multiple-output (MIMO) system under active eavesdropping. In cell-free massive MIMO system, active pilot attacks will seriously affect the uplink channel estimation and secure transmission. In order to effectively reduce the impact of active pilot attacks on downlink transmission, this paper proposes a channel estimation algorithm based on the non-overlapping angle of arrival (AOA) to improve channel estimation accuracy. First of all, we propose an access point (AP) selection strategy based on AOA information to select APs that provides services for users. Then according to non-overlapping AOA between legitimate user and eavesdropper, we use discrete Fourier transform (DFT) to distinguish the uplink channels of legitimate user and eavesdropper from the angle domain, thereby eliminating the pilot contamination caused by active pilot attacks. Finally, we obtain the downlink transmission secrecy rate of cell-free massive MIMO system under the multipath channel model. The results show that the proposed channel estimation algorithm can reduce the estimation error by 2-10 dB compared with least-square (LS) estimation, and can increase the secrecy rate of 4 bit/s/Hz at most, which effectively enhances the secure transmission performance of cell-free massive MIMO in strong interference environment.

Secure Cognitive Communication via Cooperative Jamming

Keting Wu, Dawei Wang, Ruonan Zhang and Daosen Zhai (Northwestern Polytechnical University, China)

0
Nowadays, unmanned aerial vehicles (UAVs) are widely used to ensure the security of wireless communications. In this paper, we propose a cooperative jamming scheme to secure cognitive radio (CR) networks. In the proposed scheme, the source UAV transmits confidential information to ground users. Because of the presence of an eavesdropper (Eve), the UAV jammer sends friendly interference signals to protect private information. It should be noted that the primary transmission of CR networks cannot be disturbed. Therefore, we formulate an optimization problem to maximize the average secrecy rate under the constraint of primary interference. Since trajectory planning and power control are coupled, we propose the alternative optimization (AO) algorithm. Furthermore, as the sub-problems are non-convex, sequential convex approximation (SCA) algorithm is a good choice, which makes our scheme converge to the Karush-Kuhn-Tucker point. Simulation results show that the joint optimization of power and trajectory of our proposed scheme is effective for improving the systematic secure performance.

A Secure Transmission Scheme Based on Efficient Transmission Fountain Code

Le Chai, Pinyi Ren and Qinghe Du (Xi'an Jiaotong University, China)

0
Improving the security of data transmission in wireless channels is a key and challenging problem in wireless communication. This paper presents a data security transmission scheme based on high efficiency fountain code. If the legitimate receiver can decode all the original files before the eavesdropper, it can guarantee the safe transmission of the data, so we use the efficient coding scheme of the fountain code to ensure the efficient transmission of the data, and add the feedback mechanism to the transmission of the fountain code so that the coding scheme can be updated dynamically according to the decoding situation of the legitimate receiver. Simulation results show that the scheme has high security and transmitter transmission efficiency in the presence of eavesdropping scenarios.

Precoding and Destination-aided Cooperative Jamming in MIMO Untrusted Relay Systems

Luyuan Zhang (Beijing University of Posts and Telecommunications, China); Hang Long (Beijing University of Posts & Telecommunications, China); Li Huang (Beijing University of Posts and Telecommunications, China)

1
In this paper, secrecy communications with cooperative jamming in a two-hop one-way untrusted relay system is studied. Assuming that all nodes are equipped with multiple antennas, new precoding designs are proposed to increase the secrecy capacity. Two situations are considered, namely only designing precoding vector for jamming signal when user signal has been determined, and designing precoding vectors for both user and jamming signals by jointly considering the source node. For each situation, two alignment algorithms are proposed, namely zero-forcing-based (ZF) alignment algorithm and minimum-mean-squared-error-based (MMSE) alignment algorithm. Both algorithms are designed to ensure that the equivalent wiretap channel matrix forms two aligned vectors. The channel vector from the destination node is designed to be aligned with that from the source node, so that the eavesdropping node cannot decode user signals. Analytical and simulation results show that all proposed scheme can achieve secure communication, and the MMSE algorithm performs better than the ZF. In addition, the destination-relay link has greater impact on the secrecy performance than the relay-destination link.

Impact of Cooperative Attack on User Scheduling in Massive MIMO Systems

ShaoDi Wang and Hui-Ming Wang (Xi'an Jiaotong University, China)

0
In this paper, the downlink user scheduling design of a massive multiple-input multiple-output (MIMO) is investigated in the presence of multiple active attackers. A large-scale antenna array base station (BS) with zero-forcing (ZF) precoders transmits confidential information to multiple scheduled users via random user selection. Meanwhile, multiple active attackers collaboratively contaminate the uplink channel estimates by sending pilot sequences identical to those of the legitimate users, aiming at minimizing the number of scheduled users of the legitimate system. First, we evaluate the impact of this cooperative attack on the uplink channel training results and derive an analytical expression for the achievable downlink sum-rate of ZF precoders aided massive MIMO system. Then, relying on the random matrix theory (RMT)-based large-system analysis, we derive a deterministic approximation of the achievable downlink sum- rate. Furthermore, we formulated an optimization problem from the standpoint of the attackers to minimize the number of the scheduled users. Numerical results verify the correctness of the theoretical analyses, and reveal that cooperative attack has a great impact on the downlink user scheduling design.

Session Chair

Qinghe Du, Ning Zhang

Made with in Toronto · Privacy Policy · © 2022 Duetone Corp.