Due to the presence of a large amount of personal sensitive information in social networks,privacy preservation issues in social networks have attracted the attention of many scholars.Inspired by the self-nonself disc...Due to the presence of a large amount of personal sensitive information in social networks,privacy preservation issues in social networks have attracted the attention of many scholars.Inspired by the self-nonself discrimination paradigmin the biological immune system,the negative representation of information indicates features such as simplicity and efficiency,which is very suitable for preserving social network privacy.Therefore,we suggest a method to preserve the topology privacy and node attribute privacy of attribute social networks,called AttNetNRI.Specifically,a negative survey-based method is developed to disturb the relationship between nodes in the social network so that the topology structure can be kept private.Moreover,a negative database-based method is proposed to hide node attributes,so that the privacy of node attributes can be preserved while supporting the similarity estimation between different node attributes,which is crucial to the analysis of social networks.To evaluate the performance of the AttNetNRI,empirical studies have been conducted on various attribute social networks and compared with several state-of-the-art methods tailored to preserve the privacy of social networks.The experimental results show the superiority of the developed method in preserving the privacy of attribute social networks and demonstrate the effectiveness of the topology disturbing and attribute hiding parts.The experimental results show the superiority of the developed methods in preserving the privacy of attribute social networks and demonstrate the effectiveness of the topological interference and attribute-hiding components.展开更多
As a distributed machine learning method,federated learning(FL)has the advantage of naturally protecting data privacy.It keeps data locally and trains local models through local data to protect the privacy of local da...As a distributed machine learning method,federated learning(FL)has the advantage of naturally protecting data privacy.It keeps data locally and trains local models through local data to protect the privacy of local data.The federated learning method effectively solves the problem of artificial Smart data islands and privacy protection issues.However,existing research shows that attackersmay still steal user information by analyzing the parameters in the federated learning training process and the aggregation parameters on the server side.To solve this problem,differential privacy(DP)techniques are widely used for privacy protection in federated learning.However,adding Gaussian noise perturbations to the data degrades the model learning performance.To address these issues,this paper proposes a differential privacy federated learning scheme based on adaptive Gaussian noise(DPFL-AGN).To protect the data privacy and security of the federated learning training process,adaptive Gaussian noise is specifically added in the training process to hide the real parameters uploaded by the client.In addition,this paper proposes an adaptive noise reduction method.With the convergence of the model,the Gaussian noise in the later stage of the federated learning training process is reduced adaptively.This paper conducts a series of simulation experiments on realMNIST and CIFAR-10 datasets,and the results show that the DPFL-AGN algorithmperforms better compared to the other algorithms.展开更多
With the rapid development of information technology,IoT devices play a huge role in physiological health data detection.The exponential growth of medical data requires us to reasonably allocate storage space for clou...With the rapid development of information technology,IoT devices play a huge role in physiological health data detection.The exponential growth of medical data requires us to reasonably allocate storage space for cloud servers and edge nodes.The storage capacity of edge nodes close to users is limited.We should store hotspot data in edge nodes as much as possible,so as to ensure response timeliness and access hit rate;However,the current scheme cannot guarantee that every sub-message in a complete data stored by the edge node meets the requirements of hot data;How to complete the detection and deletion of redundant data in edge nodes under the premise of protecting user privacy and data dynamic integrity has become a challenging problem.Our paper proposes a redundant data detection method that meets the privacy protection requirements.By scanning the cipher text,it is determined whether each sub-message of the data in the edge node meets the requirements of the hot data.It has the same effect as zero-knowledge proof,and it will not reveal the privacy of users.In addition,for redundant sub-data that does not meet the requirements of hot data,our paper proposes a redundant data deletion scheme that meets the dynamic integrity of the data.We use Content Extraction Signature(CES)to generate the remaining hot data signature after the redundant data is deleted.The feasibility of the scheme is proved through safety analysis and efficiency analysis.展开更多
In recent years,the research field of data collection under local differential privacy(LDP)has expanded its focus fromelementary data types to includemore complex structural data,such as set-value and graph data.Howev...In recent years,the research field of data collection under local differential privacy(LDP)has expanded its focus fromelementary data types to includemore complex structural data,such as set-value and graph data.However,our comprehensive review of existing literature reveals that there needs to be more studies that engage with key-value data collection.Such studies would simultaneously collect the frequencies of keys and the mean of values associated with each key.Additionally,the allocation of the privacy budget between the frequencies of keys and the means of values for each key does not yield an optimal utility tradeoff.Recognizing the importance of obtaining accurate key frequencies and mean estimations for key-value data collection,this paper presents a novel framework:the Key-Strategy Framework forKey-ValueDataCollection under LDP.Initially,theKey-StrategyUnary Encoding(KS-UE)strategy is proposed within non-interactive frameworks for the purpose of privacy budget allocation to achieve precise key frequencies;subsequently,the Key-Strategy Generalized Randomized Response(KS-GRR)strategy is introduced for interactive frameworks to enhance the efficiency of collecting frequent keys through group-anditeration methods.Both strategies are adapted for scenarios in which users possess either a single or multiple key-value pairs.Theoretically,we demonstrate that the variance of KS-UE is lower than that of existing methods.These claims are substantiated through extensive experimental evaluation on real-world datasets,confirming the effectiveness and efficiency of the KS-UE and KS-GRR strategies.展开更多
The widespread and growing interest in the Internet of Things(IoT)may be attributed to its usefulness in many different fields.Physical settings are probed for data,which is then transferred via linked networks.There ...The widespread and growing interest in the Internet of Things(IoT)may be attributed to its usefulness in many different fields.Physical settings are probed for data,which is then transferred via linked networks.There are several hurdles to overcome when putting IoT into practice,from managing server infrastructure to coordinating the use of tiny sensors.When it comes to deploying IoT,everyone agrees that security is the biggest issue.This is due to the fact that a large number of IoT devices exist in the physicalworld and thatmany of themhave constrained resources such as electricity,memory,processing power,and square footage.This research intends to analyse resource-constrained IoT devices,including RFID tags,sensors,and smart cards,and the issues involved with protecting them in such restricted circumstances.Using lightweight cryptography,the information sent between these gadgets may be secured.In order to provide a holistic picture,this research evaluates and contrasts well-known algorithms based on their implementation cost,hardware/software efficiency,and attack resistance features.We also emphasised how essential lightweight encryption is for striking a good cost-to-performance-to-security ratio.展开更多
Solar insecticidal lamps(SIL) can effectively control pests and reduce the use of pesticides. Combining SIL and Internet of Things(IoT) has formed a new type of agricultural IoT,known as SIL-IoT, which can improve the...Solar insecticidal lamps(SIL) can effectively control pests and reduce the use of pesticides. Combining SIL and Internet of Things(IoT) has formed a new type of agricultural IoT,known as SIL-IoT, which can improve the effectiveness of migratory phototropic pest control. However, since the SIL is connected to the Internet, it is vulnerable to various security issues.These issues can lead to serious consequences, such as tampering with the parameters of SIL, illegally starting and stopping SIL,etc. In this paper, we describe the overall security requirements of SIL-IoT and present an extensive survey of security and privacy solutions for SIL-IoT. We investigate the background and logical architecture of SIL-IoT, discuss SIL-IoT security scenarios, and analyze potential attacks. Starting from the security requirements of SIL-IoT we divide them into six categories, namely privacy, authentication, confidentiality, access control, availability,and integrity. Next, we describe the SIL-IoT privacy and security solutions, as well as the blockchain-based solutions. Based on the current survey, we finally discuss the challenges and future research directions of SIL-IoT.展开更多
The dynamic landscape of the Internet of Things(IoT)is set to revolutionize the pace of interaction among entities,ushering in a proliferation of applications characterized by heightened quality and diversity.Among th...The dynamic landscape of the Internet of Things(IoT)is set to revolutionize the pace of interaction among entities,ushering in a proliferation of applications characterized by heightened quality and diversity.Among the pivotal applications within the realm of IoT,as a significant example,the Smart Grid(SG)evolves into intricate networks of energy deployment marked by data integration.This evolution concurrently entails data interchange with other IoT entities.However,there are also several challenges including data-sharing overheads and the intricate establishment of trusted centers in the IoT ecosystem.In this paper,we introduce a hierarchical secure data-sharing platform empowered by cloud-fog integration.Furthermore,we propose a novel non-interactive zero-knowledge proof-based group authentication and key agreement protocol that supports one-to-many sharing sets of IoT data,especially SG data.The security formal verification tool shows that the proposed scheme can achieve mutual authentication and secure data sharing while protecting the privacy of data providers.Compared with previous IoT data sharing schemes,the proposed scheme has advantages in both computational and transmission efficiency,and has more superiority with the increasing volume of shared data or increasing number of participants.展开更多
Human mobility prediction is important for many applications.However,training an accurate mobility prediction model requires a large scale of human trajectories,where privacy issues become an important problem.The ris...Human mobility prediction is important for many applications.However,training an accurate mobility prediction model requires a large scale of human trajectories,where privacy issues become an important problem.The rising federated learning provides us with a promising solution to this problem,which enables mobile devices to collaboratively learn a shared prediction model while keeping all the training data on the device,decoupling the ability to do machine learning from the need to store the data in the cloud.However,existing federated learningbased methods either do not provide privacy guarantees or have vulnerability in terms of privacy leakage.In this paper,we combine the techniques of data perturbation and model perturbation mechanisms and propose a privacy-preserving mobility prediction algorithm,where we add noise to the transmitted model and the raw data collaboratively to protect user privacy and keep the mobility prediction performance.Extensive experimental results show that our proposed method significantly outperforms the existing stateof-the-art mobility prediction method in terms of defensive performance against practical attacks while having comparable mobility prediction performance,demonstrating its effectiveness.展开更多
The overgeneralisation may happen because most studies on data publishing for multiple sensitive attributes(SAs)have not considered the personalised privacy requirement.Furthermore,sensitive information disclosure may...The overgeneralisation may happen because most studies on data publishing for multiple sensitive attributes(SAs)have not considered the personalised privacy requirement.Furthermore,sensitive information disclosure may also be caused by these personalised requirements.To address the matter,this article develops a personalised data publishing method for multiple SAs.According to the requirements of individuals,the new method partitions SAs values into two categories:private values and public values,and breaks the association between them for privacy guarantees.For the private values,this paper takes the process of anonymisation,while the public values are released without this process.An algorithm is designed to achieve the privacy mode,where the selectivity is determined by the sensitive value frequency and undesirable objects.The experimental results show that the proposed method can provide more information utility when compared with previous methods.The theoretic analyses and experiments also indicate that the privacy can be guaranteed even though the public values are known to an adversary.The overgeneralisation and privacy breach caused by the personalised requirement can be avoided by the new method.展开更多
The literary review presented in the following paper aims to analyze the tracking tools used in different countries during the period of the COVID-19 pandemic. Tracking apps that have been adopted in many countries to...The literary review presented in the following paper aims to analyze the tracking tools used in different countries during the period of the COVID-19 pandemic. Tracking apps that have been adopted in many countries to collect data in a homogeneous and immediate way have made up for the difficulty of collecting data and standardizing evaluation criteria. However, the regulation on the protection of personal data in the health sector and the adoption of the new General Data Protection Regulation in European countries has placed a strong limitation on their use. This has not been the case in non-European countries, where monitoring methodologies have become widespread. The textual analysis presented is based on co-occurrence and multiple correspondence analysis to show the contact tracing methods adopted in different countries in the pandemic period by relating them to the issue of privacy. It also analyzed the possibility of applying Blockchain technology in applications for tracking contagions from COVID-19 and managing health data to provide a high level of security and transparency, including through anonymization, thus increasing user trust in using the apps.展开更多
The proliferation of Large Language Models (LLMs) across various sectors underscored the urgency of addressing potential privacy breaches. Vulnerabilities, such as prompt injection attacks and other adversarial tactic...The proliferation of Large Language Models (LLMs) across various sectors underscored the urgency of addressing potential privacy breaches. Vulnerabilities, such as prompt injection attacks and other adversarial tactics, could make these models inadvertently disclose their training data. Such disclosures could compromise personal identifiable information, posing significant privacy risks. In this paper, we proposed a novel multi-faceted approach called Whispered Tuning to address privacy leaks in large language models (LLMs). We integrated a PII redaction model, differential privacy techniques, and an output filter into the LLM fine-tuning process to enhance confidentiality. Additionally, we introduced novel ideas like the Epsilon Dial for adjustable privacy budgeting for differentiated Training Phases per data handler role. Through empirical validation, including attacks on non-private models, we demonstrated the robustness of our proposed solution SecureNLP in safeguarding privacy without compromising utility. This pioneering methodology significantly fortified LLMs against privacy infringements, enabling responsible adoption across sectors.展开更多
Multi-Source data plays an important role in the evolution of media convergence.Its fusion processing enables the further mining of data and utilization of data value and broadens the path for the sharing and dissemin...Multi-Source data plays an important role in the evolution of media convergence.Its fusion processing enables the further mining of data and utilization of data value and broadens the path for the sharing and dissemination of media data.However,it also faces serious problems in terms of protecting user and data privacy.Many privacy protectionmethods have been proposed to solve the problemof privacy leakage during the process of data sharing,but they suffer fromtwo flaws:1)the lack of algorithmic frameworks for specific scenarios such as dynamic datasets in the media domain;2)the inability to solve the problem of the high computational complexity of ciphertext in multi-source data privacy protection,resulting in long encryption and decryption times.In this paper,we propose a multi-source data privacy protection method based on homomorphic encryption and blockchain technology,which solves the privacy protection problem ofmulti-source heterogeneous data in the dissemination ofmedia and reduces ciphertext processing time.We deployed the proposedmethod on theHyperledger platformfor testing and compared it with the privacy protection schemes based on k-anonymity and differential privacy.The experimental results showthat the key generation,encryption,and decryption times of the proposedmethod are lower than those in data privacy protection methods based on k-anonymity technology and differential privacy technology.This significantly reduces the processing time ofmulti-source data,which gives it potential for use in many applications.展开更多
Data privacy laws require service providers to inform their customers on how user data is gathered,used,protected,and shared.The General Data ProtectionRegulation(GDPR)is a legal framework that provides guidelines for...Data privacy laws require service providers to inform their customers on how user data is gathered,used,protected,and shared.The General Data ProtectionRegulation(GDPR)is a legal framework that provides guidelines for collecting and processing personal information from individuals.Service providers use privacy policies to outline the ways an organization captures,retains,analyzes,and shares customers’data with other parties.These policies are complex and written using legal jargon;therefore,users rarely read them before accepting them.There exist a number of approaches to automating the task of summarizing privacy policies and assigning risk levels.Most of the existing approaches are not GDPR compliant and use manual annotation/labeling of the privacy text to assign risk level,which is time-consuming and costly.We present a framework that helps users see not only data practice policy compliance with GDPR but also the risk levels to privacy associated with accepting that policy.The main contribution of our approach is eliminating the overhead cost of manual annotation by using the most frequent words in each category to create word-bags,which are used with Regular Expressions and Pointwise Mutual Information scores to assign risk levels that comply with the GDPR guidelines for data protection.We have also developed a web-based application to graphically display risk level reports for any given online privacy policy.Results show that our approach is not only consistent with GDPR but performs better than existing approaches by successfully assigning risk levels with 95.1%accuracy after assigning data practice categories with an accuracy rate of 79%.展开更多
Federated learning is a distributed machine learning technique that trains a global model by exchanging model parameters or intermediate results among multiple data sources. Although federated learning achieves physic...Federated learning is a distributed machine learning technique that trains a global model by exchanging model parameters or intermediate results among multiple data sources. Although federated learning achieves physical isolation of data, the local data of federated learning clients are still at risk of leakage under the attack of malicious individuals. For this reason, combining data protection techniques (e.g., differential privacy techniques) with federated learning is a sure way to further improve the data security of federated learning models. In this survey, we review recent advances in the research of differentially-private federated learning models. First, we introduce the workflow of federated learning and the theoretical basis of differential privacy. Then, we review three differentially-private federated learning paradigms: central differential privacy, local differential privacy, and distributed differential privacy. After this, we review the algorithmic optimization and communication cost optimization of federated learning models with differential privacy. Finally, we review the applications of federated learning models with differential privacy in various domains. By systematically summarizing the existing research, we propose future research opportunities.展开更多
The Personal Information Protection Law,as the first law on personal information protection in China,hits the people’s most concerned,realistic and direct privacy and information security issues,and plays an extremel...The Personal Information Protection Law,as the first law on personal information protection in China,hits the people’s most concerned,realistic and direct privacy and information security issues,and plays an extremely important role in promoting the development of the digital economy,the legalization of socialism with Chinese characteristics and social public security,and marks a new historical development stage in the protection of personal information in China.However,the awareness of privacy protection and privacy protection behavior of the public in personal information privacy protection is weak.Based on the literature review and in-depth understanding of current legal regulations,this study integrates the relevant literature and theoretical knowledge of the Personal Protection Law to construct a conceptual model of“privacy information protection willingness-privacy information protection behavior”.Taking the residents of Foshan City as an example,this paper conducts a questionnaire survey on their attitudes toward the Personal Protection Law,analyzes the factors influencing their willingness to protect their privacy and their behaviors,and explores the mechanisms of their influencing variables,to provide advice and suggestions for promoting the protection of privacy information and building a security barrier for the high-quality development of public information security.展开更多
With the rapid development of information technology and the continuous evolution of personalized ser- vices, huge amounts of data are accumulated by large internet companies in the process of serving users. Moreover,...With the rapid development of information technology and the continuous evolution of personalized ser- vices, huge amounts of data are accumulated by large internet companies in the process of serving users. Moreover, dynamic data interactions increase the intentional/unintentional persistence of private infor- mation in different information systems. However, problems such as the cask principle of preserving pri- vate information among different information systems and the dif culty of tracing the source of privacy violations are becoming increasingly serious. Therefore, existing privacy-preserving schemes cannot pro- vide systematic privacy preservation. In this paper, we examine the links of the information life-cycle, such as information collection, storage, processing, distribution, and destruction. We then propose a the- ory of privacy computing and a key technology system that includes a privacy computing framework, a formal de nition of privacy computing, four principles that should be followed in privacy computing, ffect algorithm design criteria, evaluation of the privacy-preserving effect, and a privacy computing language. Finally, we employ four application scenarios to describe the universal application of privacy computing, and discuss the prospect of future research trends. This work is expected to guide theoretical research on user privacy preservation within open environments.展开更多
Online Social Networks (OSN) sites allow end-users to share agreat deal of information, which may also contain sensitive information,that may be subject to commercial or non-commercial privacy attacks. Asa result, gua...Online Social Networks (OSN) sites allow end-users to share agreat deal of information, which may also contain sensitive information,that may be subject to commercial or non-commercial privacy attacks. Asa result, guaranteeing various levels of privacy is critical while publishingdata by OSNs. The clustering-based solutions proved an effective mechanismto achieve the privacy notions in OSNs. But fixed clustering limits theperformance and scalability. Data utility degrades with increased privacy,so balancing the privacy utility trade-off is an open research issue. Theresearch has proposed a novel privacy preservation model using the enhancedclustering mechanism to overcome this issue. The proposed model includesphases like pre-processing, enhanced clustering, and ensuring privacy preservation.The enhanced clustering algorithm is the second phase where authorsmodified the existing fixed k-means clustering using the threshold approach.The threshold value is determined based on the supplied OSN data of edges,nodes, and user attributes. Clusters are k-anonymized with multiple graphproperties by a novel one-pass algorithm. After achieving the k-anonymityof clusters, optimization was performed to achieve all privacy models, suchas k-anonymity, t-closeness, and l-diversity. The proposed privacy frameworkachieves privacy of all three network components, i.e., link, node, and userattributes, with improved utility. The authors compare the proposed techniqueto underlying methods using OSN Yelp and Facebook datasets. The proposedapproach outperformed the underlying state of art methods for Degree ofAnonymization, computational efficiency, and information loss.展开更多
Nowadays,smart wearable devices are used widely in the Social Internet of Things(IoT),which record human physiological data in real time.To protect the data privacy of smart devices,researchers pay more attention to f...Nowadays,smart wearable devices are used widely in the Social Internet of Things(IoT),which record human physiological data in real time.To protect the data privacy of smart devices,researchers pay more attention to federated learning.Although the data leakage problem is somewhat solved,a new challenge has emerged.Asynchronous federated learning shortens the convergence time,while it has time delay and data heterogeneity problems.Both of the two problems harm the accuracy.To overcome these issues,we propose an asynchronous federated learning scheme based on double compensation to solve the problem of time delay and data heterogeneity problems.The scheme improves the Delay Compensated Asynchronous Stochastic Gradient Descent(DC-ASGD)algorithm based on the second-order Taylor expansion as the delay compensation.It adds the FedProx operator to the objective function as the heterogeneity compensation.Besides,the proposed scheme motivates the federated learning process by adjusting the importance of the participants and the central server.We conduct multiple sets of experiments in both conventional and heterogeneous scenarios.The experimental results show that our scheme improves the accuracy by about 5%while keeping the complexity constant.We can find that our scheme converges more smoothly during training and adapts better in heterogeneous environments through numerical experiments.The proposed double-compensation-based federated learning scheme is highly accurate,flexible in terms of participants and smooth the training process.Hence it is deemed suitable for data privacy protection of smart wearable devices.展开更多
With the increasing number of smart devices and the development of machine learning technology,the value of users’personal data is becoming more and more important.Based on the premise of protecting users’personal p...With the increasing number of smart devices and the development of machine learning technology,the value of users’personal data is becoming more and more important.Based on the premise of protecting users’personal privacy data,federated learning(FL)uses data stored on edge devices to realize training tasks by contributing training model parameters without revealing the original data.However,since FL can still leak the user’s original data by exchanging gradient information.The existing privacy protection strategy will increase the uplink time due to encryption measures.It is a huge challenge in terms of communication.When there are a large number of devices,the privacy protection cost of the system is higher.Based on these issues,we propose a privacy-preserving scheme of user-based group collaborative federated learning(GrCol-PPFL).Our scheme primarily divides participants into several groups and each group communicates in a chained transmission mechanism.All groups work in parallel at the same time.The server distributes a random parameter with the same dimension as the model parameter for each participant as a mask for the model parameter.We use the public datasets of modified national institute of standards and technology database(MNIST)to test the model accuracy.The experimental results show that GrCol-PPFL not only ensures the accuracy of themodel,but also ensures the security of the user’s original data when users collude with each other.Finally,through numerical experiments,we show that by changing the number of groups,we can find the optimal number of groups that reduces the uplink consumption time.展开更多
A person’s privacy has become a growing concern,given the nature of an expansive reliance on real-time video activities with video capture,stream,and storage.This paper presents an innovative system design based on a...A person’s privacy has become a growing concern,given the nature of an expansive reliance on real-time video activities with video capture,stream,and storage.This paper presents an innovative system design based on a privacy-preserving model.The proposed system design is implemented by employing an enhanced capability that overcomes today’s single parameterbased access control protection mechanism for digital privacy preservation.The enhanced capability combines multiple access control parameters:facial expression,resource,environment,location,and time.The proposed system design demonstrated that a person’s facial expressions combined with a set of access control rules can achieve a person’s privacy-preserving preferences.The findings resulted in different facial expressions successfully triggering a person’s face to be blurred and a person’s privacy when using a real-time video conferencing service captured from a webcam or virtual webcam.A comparison analysis of capabilities between existing designs and the proposed system design shows enhancement of the capabilities of the proposed system.A series of experiments exercising the enhanced,real-time multi-parameterbased system was shown as a viable path forward for preserving a person’s privacy while using a webcam or virtual webcam to capture,stream,and store videos.展开更多
基金supported by the National Natural Science Foundation of China(Nos.62006001,62372001)the Natural Science Foundation of Chongqing City(Grant No.CSTC2021JCYJ-MSXMX0002).
文摘Due to the presence of a large amount of personal sensitive information in social networks,privacy preservation issues in social networks have attracted the attention of many scholars.Inspired by the self-nonself discrimination paradigmin the biological immune system,the negative representation of information indicates features such as simplicity and efficiency,which is very suitable for preserving social network privacy.Therefore,we suggest a method to preserve the topology privacy and node attribute privacy of attribute social networks,called AttNetNRI.Specifically,a negative survey-based method is developed to disturb the relationship between nodes in the social network so that the topology structure can be kept private.Moreover,a negative database-based method is proposed to hide node attributes,so that the privacy of node attributes can be preserved while supporting the similarity estimation between different node attributes,which is crucial to the analysis of social networks.To evaluate the performance of the AttNetNRI,empirical studies have been conducted on various attribute social networks and compared with several state-of-the-art methods tailored to preserve the privacy of social networks.The experimental results show the superiority of the developed method in preserving the privacy of attribute social networks and demonstrate the effectiveness of the topology disturbing and attribute hiding parts.The experimental results show the superiority of the developed methods in preserving the privacy of attribute social networks and demonstrate the effectiveness of the topological interference and attribute-hiding components.
基金the Sichuan Provincial Science and Technology Department Project under Grant 2019YFN0104the Yibin Science and Technology Plan Project under Grant 2021GY008the Sichuan University of Science and Engineering Postgraduate Innovation Fund Project under Grant Y2022154.
文摘As a distributed machine learning method,federated learning(FL)has the advantage of naturally protecting data privacy.It keeps data locally and trains local models through local data to protect the privacy of local data.The federated learning method effectively solves the problem of artificial Smart data islands and privacy protection issues.However,existing research shows that attackersmay still steal user information by analyzing the parameters in the federated learning training process and the aggregation parameters on the server side.To solve this problem,differential privacy(DP)techniques are widely used for privacy protection in federated learning.However,adding Gaussian noise perturbations to the data degrades the model learning performance.To address these issues,this paper proposes a differential privacy federated learning scheme based on adaptive Gaussian noise(DPFL-AGN).To protect the data privacy and security of the federated learning training process,adaptive Gaussian noise is specifically added in the training process to hide the real parameters uploaded by the client.In addition,this paper proposes an adaptive noise reduction method.With the convergence of the model,the Gaussian noise in the later stage of the federated learning training process is reduced adaptively.This paper conducts a series of simulation experiments on realMNIST and CIFAR-10 datasets,and the results show that the DPFL-AGN algorithmperforms better compared to the other algorithms.
基金sponsored by the National Natural Science Foundation of China under grant number No. 62172353, No. 62302114, No. U20B2046 and No. 62172115Innovation Fund Program of the Engineering Research Center for Integration and Application of Digital Learning Technology of Ministry of Education No.1331007 and No. 1311022+1 种基金Natural Science Foundation of the Jiangsu Higher Education Institutions Grant No. 17KJB520044Six Talent Peaks Project in Jiangsu Province No.XYDXX-108
文摘With the rapid development of information technology,IoT devices play a huge role in physiological health data detection.The exponential growth of medical data requires us to reasonably allocate storage space for cloud servers and edge nodes.The storage capacity of edge nodes close to users is limited.We should store hotspot data in edge nodes as much as possible,so as to ensure response timeliness and access hit rate;However,the current scheme cannot guarantee that every sub-message in a complete data stored by the edge node meets the requirements of hot data;How to complete the detection and deletion of redundant data in edge nodes under the premise of protecting user privacy and data dynamic integrity has become a challenging problem.Our paper proposes a redundant data detection method that meets the privacy protection requirements.By scanning the cipher text,it is determined whether each sub-message of the data in the edge node meets the requirements of the hot data.It has the same effect as zero-knowledge proof,and it will not reveal the privacy of users.In addition,for redundant sub-data that does not meet the requirements of hot data,our paper proposes a redundant data deletion scheme that meets the dynamic integrity of the data.We use Content Extraction Signature(CES)to generate the remaining hot data signature after the redundant data is deleted.The feasibility of the scheme is proved through safety analysis and efficiency analysis.
基金supported by a grant fromthe National Key R&DProgram of China.
文摘In recent years,the research field of data collection under local differential privacy(LDP)has expanded its focus fromelementary data types to includemore complex structural data,such as set-value and graph data.However,our comprehensive review of existing literature reveals that there needs to be more studies that engage with key-value data collection.Such studies would simultaneously collect the frequencies of keys and the mean of values associated with each key.Additionally,the allocation of the privacy budget between the frequencies of keys and the means of values for each key does not yield an optimal utility tradeoff.Recognizing the importance of obtaining accurate key frequencies and mean estimations for key-value data collection,this paper presents a novel framework:the Key-Strategy Framework forKey-ValueDataCollection under LDP.Initially,theKey-StrategyUnary Encoding(KS-UE)strategy is proposed within non-interactive frameworks for the purpose of privacy budget allocation to achieve precise key frequencies;subsequently,the Key-Strategy Generalized Randomized Response(KS-GRR)strategy is introduced for interactive frameworks to enhance the efficiency of collecting frequent keys through group-anditeration methods.Both strategies are adapted for scenarios in which users possess either a single or multiple key-value pairs.Theoretically,we demonstrate that the variance of KS-UE is lower than that of existing methods.These claims are substantiated through extensive experimental evaluation on real-world datasets,confirming the effectiveness and efficiency of the KS-UE and KS-GRR strategies.
基金supported by project TRANSACT funded under H2020-EU.2.1.1.-INDUSTRIAL LEADERSHIP-Leadership in Enabling and Industrial Technologies-Information and Communication Technologies(Grant Agreement ID:101007260).
文摘The widespread and growing interest in the Internet of Things(IoT)may be attributed to its usefulness in many different fields.Physical settings are probed for data,which is then transferred via linked networks.There are several hurdles to overcome when putting IoT into practice,from managing server infrastructure to coordinating the use of tiny sensors.When it comes to deploying IoT,everyone agrees that security is the biggest issue.This is due to the fact that a large number of IoT devices exist in the physicalworld and thatmany of themhave constrained resources such as electricity,memory,processing power,and square footage.This research intends to analyse resource-constrained IoT devices,including RFID tags,sensors,and smart cards,and the issues involved with protecting them in such restricted circumstances.Using lightweight cryptography,the information sent between these gadgets may be secured.In order to provide a holistic picture,this research evaluates and contrasts well-known algorithms based on their implementation cost,hardware/software efficiency,and attack resistance features.We also emphasised how essential lightweight encryption is for striking a good cost-to-performance-to-security ratio.
基金supported in part by the National Natural Science Foundation of China (62072248, 62072247)the Jiangsu Agriculture Science and Technology Innovation Fund (CX(21)3060)。
文摘Solar insecticidal lamps(SIL) can effectively control pests and reduce the use of pesticides. Combining SIL and Internet of Things(IoT) has formed a new type of agricultural IoT,known as SIL-IoT, which can improve the effectiveness of migratory phototropic pest control. However, since the SIL is connected to the Internet, it is vulnerable to various security issues.These issues can lead to serious consequences, such as tampering with the parameters of SIL, illegally starting and stopping SIL,etc. In this paper, we describe the overall security requirements of SIL-IoT and present an extensive survey of security and privacy solutions for SIL-IoT. We investigate the background and logical architecture of SIL-IoT, discuss SIL-IoT security scenarios, and analyze potential attacks. Starting from the security requirements of SIL-IoT we divide them into six categories, namely privacy, authentication, confidentiality, access control, availability,and integrity. Next, we describe the SIL-IoT privacy and security solutions, as well as the blockchain-based solutions. Based on the current survey, we finally discuss the challenges and future research directions of SIL-IoT.
基金supported by the National Key R&D Program of China(No.2022YFB3103400)the National Natural Science Foundation of China under Grants 61932015 and 62172317.
文摘The dynamic landscape of the Internet of Things(IoT)is set to revolutionize the pace of interaction among entities,ushering in a proliferation of applications characterized by heightened quality and diversity.Among the pivotal applications within the realm of IoT,as a significant example,the Smart Grid(SG)evolves into intricate networks of energy deployment marked by data integration.This evolution concurrently entails data interchange with other IoT entities.However,there are also several challenges including data-sharing overheads and the intricate establishment of trusted centers in the IoT ecosystem.In this paper,we introduce a hierarchical secure data-sharing platform empowered by cloud-fog integration.Furthermore,we propose a novel non-interactive zero-knowledge proof-based group authentication and key agreement protocol that supports one-to-many sharing sets of IoT data,especially SG data.The security formal verification tool shows that the proposed scheme can achieve mutual authentication and secure data sharing while protecting the privacy of data providers.Compared with previous IoT data sharing schemes,the proposed scheme has advantages in both computational and transmission efficiency,and has more superiority with the increasing volume of shared data or increasing number of participants.
基金supported in part by the National Key Research and Development Program of China under 2020AAA0106000the National Natural Science Foundation of China under U20B2060 and U21B2036supported by a grant from the Guoqiang Institute, Tsinghua University under 2021GQG1005
文摘Human mobility prediction is important for many applications.However,training an accurate mobility prediction model requires a large scale of human trajectories,where privacy issues become an important problem.The rising federated learning provides us with a promising solution to this problem,which enables mobile devices to collaboratively learn a shared prediction model while keeping all the training data on the device,decoupling the ability to do machine learning from the need to store the data in the cloud.However,existing federated learningbased methods either do not provide privacy guarantees or have vulnerability in terms of privacy leakage.In this paper,we combine the techniques of data perturbation and model perturbation mechanisms and propose a privacy-preserving mobility prediction algorithm,where we add noise to the transmitted model and the raw data collaboratively to protect user privacy and keep the mobility prediction performance.Extensive experimental results show that our proposed method significantly outperforms the existing stateof-the-art mobility prediction method in terms of defensive performance against practical attacks while having comparable mobility prediction performance,demonstrating its effectiveness.
基金Doctoral research start-up fund of Guangxi Normal UniversityGuangzhou Research Institute of Communication University of China Common Construction Project,Sunflower-the Aging Intelligent CommunityGuangxi project of improving Middle-aged/Young teachers'ability,Grant/Award Number:2020KY020323。
文摘The overgeneralisation may happen because most studies on data publishing for multiple sensitive attributes(SAs)have not considered the personalised privacy requirement.Furthermore,sensitive information disclosure may also be caused by these personalised requirements.To address the matter,this article develops a personalised data publishing method for multiple SAs.According to the requirements of individuals,the new method partitions SAs values into two categories:private values and public values,and breaks the association between them for privacy guarantees.For the private values,this paper takes the process of anonymisation,while the public values are released without this process.An algorithm is designed to achieve the privacy mode,where the selectivity is determined by the sensitive value frequency and undesirable objects.The experimental results show that the proposed method can provide more information utility when compared with previous methods.The theoretic analyses and experiments also indicate that the privacy can be guaranteed even though the public values are known to an adversary.The overgeneralisation and privacy breach caused by the personalised requirement can be avoided by the new method.
文摘The literary review presented in the following paper aims to analyze the tracking tools used in different countries during the period of the COVID-19 pandemic. Tracking apps that have been adopted in many countries to collect data in a homogeneous and immediate way have made up for the difficulty of collecting data and standardizing evaluation criteria. However, the regulation on the protection of personal data in the health sector and the adoption of the new General Data Protection Regulation in European countries has placed a strong limitation on their use. This has not been the case in non-European countries, where monitoring methodologies have become widespread. The textual analysis presented is based on co-occurrence and multiple correspondence analysis to show the contact tracing methods adopted in different countries in the pandemic period by relating them to the issue of privacy. It also analyzed the possibility of applying Blockchain technology in applications for tracking contagions from COVID-19 and managing health data to provide a high level of security and transparency, including through anonymization, thus increasing user trust in using the apps.
文摘The proliferation of Large Language Models (LLMs) across various sectors underscored the urgency of addressing potential privacy breaches. Vulnerabilities, such as prompt injection attacks and other adversarial tactics, could make these models inadvertently disclose their training data. Such disclosures could compromise personal identifiable information, posing significant privacy risks. In this paper, we proposed a novel multi-faceted approach called Whispered Tuning to address privacy leaks in large language models (LLMs). We integrated a PII redaction model, differential privacy techniques, and an output filter into the LLM fine-tuning process to enhance confidentiality. Additionally, we introduced novel ideas like the Epsilon Dial for adjustable privacy budgeting for differentiated Training Phases per data handler role. Through empirical validation, including attacks on non-private models, we demonstrated the robustness of our proposed solution SecureNLP in safeguarding privacy without compromising utility. This pioneering methodology significantly fortified LLMs against privacy infringements, enabling responsible adoption across sectors.
基金funded by the High-Quality and Cutting-Edge Discipline Construction Project for Universities in Beijing (Internet Information,Communication University of China).
文摘Multi-Source data plays an important role in the evolution of media convergence.Its fusion processing enables the further mining of data and utilization of data value and broadens the path for the sharing and dissemination of media data.However,it also faces serious problems in terms of protecting user and data privacy.Many privacy protectionmethods have been proposed to solve the problemof privacy leakage during the process of data sharing,but they suffer fromtwo flaws:1)the lack of algorithmic frameworks for specific scenarios such as dynamic datasets in the media domain;2)the inability to solve the problem of the high computational complexity of ciphertext in multi-source data privacy protection,resulting in long encryption and decryption times.In this paper,we propose a multi-source data privacy protection method based on homomorphic encryption and blockchain technology,which solves the privacy protection problem ofmulti-source heterogeneous data in the dissemination ofmedia and reduces ciphertext processing time.We deployed the proposedmethod on theHyperledger platformfor testing and compared it with the privacy protection schemes based on k-anonymity and differential privacy.The experimental results showthat the key generation,encryption,and decryption times of the proposedmethod are lower than those in data privacy protection methods based on k-anonymity technology and differential privacy technology.This significantly reduces the processing time ofmulti-source data,which gives it potential for use in many applications.
文摘Data privacy laws require service providers to inform their customers on how user data is gathered,used,protected,and shared.The General Data ProtectionRegulation(GDPR)is a legal framework that provides guidelines for collecting and processing personal information from individuals.Service providers use privacy policies to outline the ways an organization captures,retains,analyzes,and shares customers’data with other parties.These policies are complex and written using legal jargon;therefore,users rarely read them before accepting them.There exist a number of approaches to automating the task of summarizing privacy policies and assigning risk levels.Most of the existing approaches are not GDPR compliant and use manual annotation/labeling of the privacy text to assign risk level,which is time-consuming and costly.We present a framework that helps users see not only data practice policy compliance with GDPR but also the risk levels to privacy associated with accepting that policy.The main contribution of our approach is eliminating the overhead cost of manual annotation by using the most frequent words in each category to create word-bags,which are used with Regular Expressions and Pointwise Mutual Information scores to assign risk levels that comply with the GDPR guidelines for data protection.We have also developed a web-based application to graphically display risk level reports for any given online privacy policy.Results show that our approach is not only consistent with GDPR but performs better than existing approaches by successfully assigning risk levels with 95.1%accuracy after assigning data practice categories with an accuracy rate of 79%.
文摘Federated learning is a distributed machine learning technique that trains a global model by exchanging model parameters or intermediate results among multiple data sources. Although federated learning achieves physical isolation of data, the local data of federated learning clients are still at risk of leakage under the attack of malicious individuals. For this reason, combining data protection techniques (e.g., differential privacy techniques) with federated learning is a sure way to further improve the data security of federated learning models. In this survey, we review recent advances in the research of differentially-private federated learning models. First, we introduce the workflow of federated learning and the theoretical basis of differential privacy. Then, we review three differentially-private federated learning paradigms: central differential privacy, local differential privacy, and distributed differential privacy. After this, we review the algorithmic optimization and communication cost optimization of federated learning models with differential privacy. Finally, we review the applications of federated learning models with differential privacy in various domains. By systematically summarizing the existing research, we propose future research opportunities.
文摘The Personal Information Protection Law,as the first law on personal information protection in China,hits the people’s most concerned,realistic and direct privacy and information security issues,and plays an extremely important role in promoting the development of the digital economy,the legalization of socialism with Chinese characteristics and social public security,and marks a new historical development stage in the protection of personal information in China.However,the awareness of privacy protection and privacy protection behavior of the public in personal information privacy protection is weak.Based on the literature review and in-depth understanding of current legal regulations,this study integrates the relevant literature and theoretical knowledge of the Personal Protection Law to construct a conceptual model of“privacy information protection willingness-privacy information protection behavior”.Taking the residents of Foshan City as an example,this paper conducts a questionnaire survey on their attitudes toward the Personal Protection Law,analyzes the factors influencing their willingness to protect their privacy and their behaviors,and explores the mechanisms of their influencing variables,to provide advice and suggestions for promoting the protection of privacy information and building a security barrier for the high-quality development of public information security.
文摘With the rapid development of information technology and the continuous evolution of personalized ser- vices, huge amounts of data are accumulated by large internet companies in the process of serving users. Moreover, dynamic data interactions increase the intentional/unintentional persistence of private infor- mation in different information systems. However, problems such as the cask principle of preserving pri- vate information among different information systems and the dif culty of tracing the source of privacy violations are becoming increasingly serious. Therefore, existing privacy-preserving schemes cannot pro- vide systematic privacy preservation. In this paper, we examine the links of the information life-cycle, such as information collection, storage, processing, distribution, and destruction. We then propose a the- ory of privacy computing and a key technology system that includes a privacy computing framework, a formal de nition of privacy computing, four principles that should be followed in privacy computing, ffect algorithm design criteria, evaluation of the privacy-preserving effect, and a privacy computing language. Finally, we employ four application scenarios to describe the universal application of privacy computing, and discuss the prospect of future research trends. This work is expected to guide theoretical research on user privacy preservation within open environments.
文摘Online Social Networks (OSN) sites allow end-users to share agreat deal of information, which may also contain sensitive information,that may be subject to commercial or non-commercial privacy attacks. Asa result, guaranteeing various levels of privacy is critical while publishingdata by OSNs. The clustering-based solutions proved an effective mechanismto achieve the privacy notions in OSNs. But fixed clustering limits theperformance and scalability. Data utility degrades with increased privacy,so balancing the privacy utility trade-off is an open research issue. Theresearch has proposed a novel privacy preservation model using the enhancedclustering mechanism to overcome this issue. The proposed model includesphases like pre-processing, enhanced clustering, and ensuring privacy preservation.The enhanced clustering algorithm is the second phase where authorsmodified the existing fixed k-means clustering using the threshold approach.The threshold value is determined based on the supplied OSN data of edges,nodes, and user attributes. Clusters are k-anonymized with multiple graphproperties by a novel one-pass algorithm. After achieving the k-anonymityof clusters, optimization was performed to achieve all privacy models, suchas k-anonymity, t-closeness, and l-diversity. The proposed privacy frameworkachieves privacy of all three network components, i.e., link, node, and userattributes, with improved utility. The authors compare the proposed techniqueto underlying methods using OSN Yelp and Facebook datasets. The proposedapproach outperformed the underlying state of art methods for Degree ofAnonymization, computational efficiency, and information loss.
基金supported by the National Natural Science Foundation of China,No.61977006.
文摘Nowadays,smart wearable devices are used widely in the Social Internet of Things(IoT),which record human physiological data in real time.To protect the data privacy of smart devices,researchers pay more attention to federated learning.Although the data leakage problem is somewhat solved,a new challenge has emerged.Asynchronous federated learning shortens the convergence time,while it has time delay and data heterogeneity problems.Both of the two problems harm the accuracy.To overcome these issues,we propose an asynchronous federated learning scheme based on double compensation to solve the problem of time delay and data heterogeneity problems.The scheme improves the Delay Compensated Asynchronous Stochastic Gradient Descent(DC-ASGD)algorithm based on the second-order Taylor expansion as the delay compensation.It adds the FedProx operator to the objective function as the heterogeneity compensation.Besides,the proposed scheme motivates the federated learning process by adjusting the importance of the participants and the central server.We conduct multiple sets of experiments in both conventional and heterogeneous scenarios.The experimental results show that our scheme improves the accuracy by about 5%while keeping the complexity constant.We can find that our scheme converges more smoothly during training and adapts better in heterogeneous environments through numerical experiments.The proposed double-compensation-based federated learning scheme is highly accurate,flexible in terms of participants and smooth the training process.Hence it is deemed suitable for data privacy protection of smart wearable devices.
基金supported by the Major science and technology project of Hainan Province(Grant No.ZDKJ2020012)National Natural Science Foundation of China(Grant No.62162024 and 62162022)Key Projects in Hainan Province(Grant ZDYF2021GXJS003 and Grant ZDYF2020040).
文摘With the increasing number of smart devices and the development of machine learning technology,the value of users’personal data is becoming more and more important.Based on the premise of protecting users’personal privacy data,federated learning(FL)uses data stored on edge devices to realize training tasks by contributing training model parameters without revealing the original data.However,since FL can still leak the user’s original data by exchanging gradient information.The existing privacy protection strategy will increase the uplink time due to encryption measures.It is a huge challenge in terms of communication.When there are a large number of devices,the privacy protection cost of the system is higher.Based on these issues,we propose a privacy-preserving scheme of user-based group collaborative federated learning(GrCol-PPFL).Our scheme primarily divides participants into several groups and each group communicates in a chained transmission mechanism.All groups work in parallel at the same time.The server distributes a random parameter with the same dimension as the model parameter for each participant as a mask for the model parameter.We use the public datasets of modified national institute of standards and technology database(MNIST)to test the model accuracy.The experimental results show that GrCol-PPFL not only ensures the accuracy of themodel,but also ensures the security of the user’s original data when users collude with each other.Finally,through numerical experiments,we show that by changing the number of groups,we can find the optimal number of groups that reduces the uplink consumption time.
文摘A person’s privacy has become a growing concern,given the nature of an expansive reliance on real-time video activities with video capture,stream,and storage.This paper presents an innovative system design based on a privacy-preserving model.The proposed system design is implemented by employing an enhanced capability that overcomes today’s single parameterbased access control protection mechanism for digital privacy preservation.The enhanced capability combines multiple access control parameters:facial expression,resource,environment,location,and time.The proposed system design demonstrated that a person’s facial expressions combined with a set of access control rules can achieve a person’s privacy-preserving preferences.The findings resulted in different facial expressions successfully triggering a person’s face to be blurred and a person’s privacy when using a real-time video conferencing service captured from a webcam or virtual webcam.A comparison analysis of capabilities between existing designs and the proposed system design shows enhancement of the capabilities of the proposed system.A series of experiments exercising the enhanced,real-time multi-parameterbased system was shown as a viable path forward for preserving a person’s privacy while using a webcam or virtual webcam to capture,stream,and store videos.
