Computer Forensics Framework for Efficient and Lawful Privacy-Preserved Investigation

Privacy preservation(PP)in Digital forensics(DF)is a conflicted and non-trivial issue.Existing solutions use the searchable encryption concept and,as a result,are not efficient and support only a keyword search.Moreover,the collected forensic data cannot be analyzed using existing well-known digital tools.This research paper first investigates the lawful requirements for PP in DF based on the organization for economic co-operation and development OECB)privacy guidelines.To have an efficient investigation process and meet the increased volume of data,the presented framework is designed based on the selective imaging concept and advanced encryption standard(AES).The proposed framework has two main modules,namely Selective Imaging Module(SIM)and Selective Analysis Module(SAM).The SIM and SAM modules are implemented based on advanced forensic format 4(AFF4)and SleuthKit open source forensics frameworks,respectively,and,accordingly,the proposed framework is evaluated in a forensically sound manner.The evaluation result is compared with other relevant works and,as a result,the proposed solution provides a privacy-preserving,efficient forensic imaging and analysis process while having also sufficient methods.Moreover,the AFF4 forensic image,produced by the SIM module,can be analyzed not only by SAM,but also by other well-known analysis tools available on the market.

Privacy Preserved Brain Disorder Diagnosis Using Federated Learning

Federated learning has recently attracted significant attention as a cutting-edge technology that enables Artificial Intelligence(AI)algorithms to utilize global learning across the data of numerous individuals while safeguarding user data privacy.Recent advanced healthcare technologies have enabled the early diagnosis of various cognitive ailments like Parkinson’s.Adequate user data is frequently used to train machine learning models for healthcare systems to track the health status of patients.The healthcare industry faces two significant challenges:security and privacy issues and the personalization of cloud-trained AI models.This paper proposes a Deep Neural Network(DNN)based approach embedded in a federated learning framework to detect and diagnose brain disorders.We extracted the data from the database of Kay Elemetrics voice disordered and divided the data into two windows to create training models for two clients,each with different data.To lessen the over-fitting aspect,every client reviewed the outcomes in three rounds.The proposed model identifies brain disorders without jeopardizing privacy and security.The results reveal that the global model achieves an accuracy of 82.82%for detecting brain disorders while preserving privacy.

Blockchain-Enabled Privacy Protection and Access Control Scheme Towards Sensitive Digital Assets Management

With the growth of requirements for data sharing,a novel business model of digital assets trading has emerged that allows data owners to sell their data for monetary gain.In the distributed ledger of blockchain,however,the privacy of stakeholder's identity and the confidentiality of data content are threatened.Therefore,we proposed a blockchainenabled privacy-preserving and access control scheme to address the above problems.First,the multi-channel mechanism is introduced to provide the privacy protection of distributed ledger inside the channel and achieve coarse-grained access control to digital assets.Then,we use multi-authority attribute-based encryption(MAABE)algorithm to build a fine-grained access control model for data trading in a single channel and describe its instantiation in detail.Security analysis shows that the scheme has IND-CPA secure and can provide privacy protection and collusion resistance.Compared with other schemes,our solution has better performance in privacy protection and access control.The evaluation results demonstrate its effectiveness and practicability.

Trusted Certified Auditor Using Cryptography for Secure Data Outsourcing and Privacy Preservation in Fog-Enabled VANETs

With the recent technological developments,massive vehicular ad hoc networks(VANETs)have been established,enabling numerous vehicles and their respective Road Side Unit(RSU)components to communicate with oneanother.The best way to enhance traffic flow for vehicles and traffic management departments is to share thedata they receive.There needs to be more protection for the VANET systems.An effective and safe methodof outsourcing is suggested,which reduces computation costs by achieving data security using a homomorphicmapping based on the conjugate operation of matrices.This research proposes a VANET-based data outsourcingsystem to fix the issues.To keep data outsourcing secure,the suggested model takes cryptography models intoaccount.Fog will keep the generated keys for the purpose of vehicle authentication.For controlling and overseeingthe outsourced data while preserving privacy,the suggested approach considers the Trusted Certified Auditor(TCA).Using the secret key,TCA can identify the genuine identity of VANETs when harmful messages aredetected.The proposed model develops a TCA-based unique static vehicle labeling system using cryptography(TCA-USVLC)for secure data outsourcing and privacy preservation in VANETs.The proposed model calculatesthe trust of vehicles in 16 ms for an average of 180 vehicles and achieves 98.6%accuracy for data encryption toprovide security.The proposedmodel achieved 98.5%accuracy in data outsourcing and 98.6%accuracy in privacypreservation in fog-enabled VANETs.Elliptical curve cryptography models can be applied in the future for betterencryption and decryption rates with lightweight cryptography operations.

A Cloud-Fog Enabled and Privacy-Preserving IoT Data Market Platform Based on Blockchain

The dynamic landscape of the Internet of Things(IoT)is set to revolutionize the pace of interaction among entities,ushering in a proliferation of applications characterized by heightened quality and diversity.Among the pivotal applications within the realm of IoT,as a significant example,the Smart Grid(SG)evolves into intricate networks of energy deployment marked by data integration.This evolution concurrently entails data interchange with other IoT entities.However,there are also several challenges including data-sharing overheads and the intricate establishment of trusted centers in the IoT ecosystem.In this paper,we introduce a hierarchical secure data-sharing platform empowered by cloud-fog integration.Furthermore,we propose a novel non-interactive zero-knowledge proof-based group authentication and key agreement protocol that supports one-to-many sharing sets of IoT data,especially SG data.The security formal verification tool shows that the proposed scheme can achieve mutual authentication and secure data sharing while protecting the privacy of data providers.Compared with previous IoT data sharing schemes,the proposed scheme has advantages in both computational and transmission efficiency,and has more superiority with the increasing volume of shared data or increasing number of participants.

Privacy-Preserving Healthcare and Medical Data Collaboration Service System Based on Blockchain and Federated Learning

As the volume of healthcare and medical data increases from diverse sources,real-world scenarios involving data sharing and collaboration have certain challenges,including the risk of privacy leakage,difficulty in data fusion,low reliability of data storage,low effectiveness of data sharing,etc.To guarantee the service quality of data collaboration,this paper presents a privacy-preserving Healthcare and Medical Data Collaboration Service System combining Blockchain with Federated Learning,termed FL-HMChain.This system is composed of three layers:Data extraction and storage,data management,and data application.Focusing on healthcare and medical data,a healthcare and medical blockchain is constructed to realize data storage,transfer,processing,and access with security,real-time,reliability,and integrity.An improved master node selection consensus mechanism is presented to detect and prevent dishonest behavior,ensuring the overall reliability and trustworthiness of the collaborative model training process.Furthermore,healthcare and medical data collaboration services in real-world scenarios have been discussed and developed.To further validate the performance of FL-HMChain,a Convolutional Neural Network-based Federated Learning(FL-CNN-HMChain)model is investigated for medical image identification.This model achieves better performance compared to the baseline Convolutional Neural Network(CNN),having an average improvement of 4.7%on Area Under Curve(AUC)and 7%on Accuracy(ACC),respectively.Furthermore,the probability of privacy leakage can be effectively reduced by the blockchain-based parameter transfer mechanism in federated learning between local and global models.

2P3FL:A Novel Approach for Privacy Preserving in Financial Sectors Using Flower Federated Learning

The increasing data pool in finance sectors forces machine learning(ML)to step into new complications.Banking data has significant financial implications and is confidential.Combining users data from several organizations for various banking services may result in various intrusions and privacy leakages.As a result,this study employs federated learning(FL)using a flower paradigm to preserve each organization’s privacy while collaborating to build a robust shared global model.However,diverse data distributions in the collaborative training process might result in inadequate model learning and a lack of privacy.To address this issue,the present paper proposes the imple-mentation of Federated Averaging(FedAvg)and Federated Proximal(FedProx)methods in the flower framework,which take advantage of the data locality while training and guaranteeing global convergence.Resultantly improves the privacy of the local models.This analysis used the credit card and Canadian Institute for Cybersecurity Intrusion Detection Evaluation(CICIDS)datasets.Precision,recall,and accuracy as performance indicators to show the efficacy of the proposed strategy using FedAvg and FedProx.The experimental findings suggest that the proposed approach helps to safely use banking data from diverse sources to enhance customer banking services by obtaining accuracy of 99.55%and 83.72%for FedAvg and 99.57%,and 84.63%for FedProx.

Evolutionary privacy-preserving learning strategies for edge-based IoT data sharing schemes

The fast proliferation of edge devices for the Internet of Things(IoT)has led to massive volumes of data explosion.The generated data is collected and shared using edge-based IoT structures at a considerably high frequency.Thus,the data-sharing privacy exposure issue is increasingly intimidating when IoT devices make malicious requests for filching sensitive information from a cloud storage system through edge nodes.To address the identified issue,we present evolutionary privacy preservation learning strategies for an edge computing-based IoT data sharing scheme.In particular,we introduce evolutionary game theory and construct a payoff matrix to symbolize intercommunication between IoT devices and edge nodes,where IoT devices and edge nodes are two parties of the game.IoT devices may make malicious requests to achieve their goals of stealing privacy.Accordingly,edge nodes should deny malicious IoT device requests to prevent IoT data from being disclosed.They dynamically adjust their own strategies according to the opponent's strategy and finally maximize the payoffs.Built upon a developed application framework to illustrate the concrete data sharing architecture,a novel algorithm is proposed that can derive the optimal evolutionary learning strategy.Furthermore,we numerically simulate evolutionarily stable strategies,and the final results experimentally verify the correctness of the IoT data sharing privacy preservation scheme.Therefore,the proposed model can effectively defeat malicious invasion and protect sensitive information from leaking when IoT data is shared.

Enhanced Clustering Based OSN Privacy Preservation to Ensure k-Anonymity, t-Closeness, l-Diversity, and Balanced Privacy Utility

Online Social Networks (OSN) sites allow end-users to share agreat deal of information, which may also contain sensitive information,that may be subject to commercial or non-commercial privacy attacks. Asa result, guaranteeing various levels of privacy is critical while publishingdata by OSNs. The clustering-based solutions proved an effective mechanismto achieve the privacy notions in OSNs. But fixed clustering limits theperformance and scalability. Data utility degrades with increased privacy,so balancing the privacy utility trade-off is an open research issue. Theresearch has proposed a novel privacy preservation model using the enhancedclustering mechanism to overcome this issue. The proposed model includesphases like pre-processing, enhanced clustering, and ensuring privacy preservation.The enhanced clustering algorithm is the second phase where authorsmodified the existing fixed k-means clustering using the threshold approach.The threshold value is determined based on the supplied OSN data of edges,nodes, and user attributes. Clusters are k-anonymized with multiple graphproperties by a novel one-pass algorithm. After achieving the k-anonymityof clusters, optimization was performed to achieve all privacy models, suchas k-anonymity, t-closeness, and l-diversity. The proposed privacy frameworkachieves privacy of all three network components, i.e., link, node, and userattributes, with improved utility. The authors compare the proposed techniqueto underlying methods using OSN Yelp and Facebook datasets. The proposedapproach outperformed the underlying state of art methods for Degree ofAnonymization, computational efficiency, and information loss.

Smart contract token-based privacy-preserving access control system for industrial Internet of Things

Due to mobile Internet technology's rapid popularization,the Industrial Internet of Things(IIoT)can be seen everywhere in our daily lives.While IIoT brings us much convenience,a series of security and scalability issues related to permission operations rise to the surface during device communications.Hence,at present,a reliable and dynamic access control management system for IIoT is in urgent need.Up till now,numerous access control architectures have been proposed for IIoT.However,owing to centralized models and heterogeneous devices,security and scalability requirements still cannot be met.In this paper,we offer a smart contract token-based solution for decentralized access control in IIoT systems.Specifically,there are three smart contracts in our system,including the Token Issue Contract(TIC),User Register Contract(URC),and Manage Contract(MC).These three contracts collaboratively supervise and manage various events in IIoT environments.We also utilize the lightweight and post-quantum encryption algorithm-Nth-degree Truncated Polynomial Ring Units(NTRU)to preserve user privacy during the registration process.Subsequently,to evaluate our proposed architecture's performance,we build a prototype platform that connects to the local blockchain.Finally,experiment results show that our scheme has achieved secure and dynamic access control for the IIoT system compared with related research.

Lightweight privacy-preserving truth discovery for vehicular air quality monitoring

Air pollution has become a global concern for many years.Vehicular crowdsensing systems make it possible to monitor air quality at a fine granularity.To better utilize the sensory data with varying credibility,truth discovery frameworks are introduced.However,in urban cities,there is a significant difference in traffic volumes of streets or blocks,which leads to a data sparsity problem for truth discovery.Protecting the privacy of participant vehicles is also a crucial task.We first present a data masking-based privacy-preserving truth discovery framework,which incorporates spatial and temporal correlations to solve the sparsity problem.To further improve the truth discovery performance of the presented framework,an enhanced version is proposed with anonymous communication and data perturbation.Both frameworks are more lightweight than the existing cryptography-based methods.We also evaluate the work with simulations and fully discuss the performance and possible extensions.

Privacy Preserving Demand Side Management Method via Multi-Agent Reinforcement Learning

The smart grid utilizes the demand side management technology to motivate energy users towards cutting demand during peak power consumption periods, which greatly improves the operation efficiency of the power grid. However, as the number of energy users participating in the smart grid continues to increase, the demand side management strategy of individual agent is greatly affected by the dynamic strategies of other agents. In addition, the existing demand side management methods, which need to obtain users’ power consumption information,seriously threaten the users’ privacy. To address the dynamic issue in the multi-microgrid demand side management model, a novel multi-agent reinforcement learning method based on centralized training and decentralized execution paradigm is presented to mitigate the damage of training performance caused by the instability of training experience. In order to protect users’ privacy, we design a neural network with fixed parameters as the encryptor to transform the users’ energy consumption information from low-dimensional to high-dimensional and theoretically prove that the proposed encryptor-based privacy preserving method will not affect the convergence property of the reinforcement learning algorithm. We verify the effectiveness of the proposed demand side management scheme with the real-world energy consumption data of Xi’an, Shaanxi, China. Simulation results show that the proposed method can effectively improve users’ satisfaction while reducing the bill payment compared with traditional reinforcement learning(RL) methods(i.e., deep Q learning(DQN), deep deterministic policy gradient(DDPG),QMIX and multi-agent deep deterministic policy gradient(MADDPG)). The results also demonstrate that the proposed privacy protection scheme can effectively protect users’ privacy while ensuring the performance of the algorithm.

Data Mining with Privacy Protection Using Precise Elliptical Curve Cryptography

Protecting the privacy of data in the multi-cloud is a crucial task.Data mining is a technique that protects the privacy of individual data while mining those data.The most significant task entails obtaining data from numerous remote databases.Mining algorithms can obtain sensitive information once the data is in the data warehouse.Many traditional algorithms/techniques promise to provide safe data transfer,storing,and retrieving over the cloud platform.These strategies are primarily concerned with protecting the privacy of user data.This study aims to present data mining with privacy protection(DMPP)using precise elliptic curve cryptography(PECC),which builds upon that algebraic elliptic curve infinitefields.This approach enables safe data exchange by utilizing a reliable data consolidation approach entirely reliant on rewritable data concealing techniques.Also,it outperforms data mining in terms of solid privacy procedures while maintaining the quality of the data.Average approximation error,computational cost,anonymizing time,and data loss are considered performance measures.The suggested approach is practical and applicable in real-world situations according to the experimentalfindings.

Reliable and Privacy-Preserving Federated Learning with Anomalous Users

Recently,various privacy-preserving schemes have been proposed to resolve privacy issues in federated learning(FL).However,most of them ignore the fact that anomalous users holding low-quality data may reduce the accuracy of trained models.Although some existing works manage to solve this problem,they either lack privacy protection for users’sensitive information or introduce a two-cloud model that is difficult to find in reality.A reliable and privacy-preserving FL scheme named reliable and privacy-preserving federated learning(RPPFL)based on a single-cloud model is proposed.Specifically,inspired by the truth discovery technique,we design an approach to identify the user’s reliability and thereby decrease the impact of anomalous users.In addition,an additively homomorphic cryptosystem is utilized to provide comprehensive privacy preservation(user’s local gradient privacy and reliability privacy).We give rigorous theoretical analysis to show the security of RPPFL.Based on open datasets,we conduct extensive experiments to demonstrate that RPPEL compares favorably with existing works in terms of efficiency and accuracy.

An Extensive Study and Review of Privacy Preservation Models for the Multi-Institutional Data

The deep learning models hold considerable potential for clinical applications, but there are many challenges to successfully training deep learning models. Large-scale data collection is required, which is frequently only possible through multi-institutional cooperation. Building large central repositories is one strategy for multi-institution studies. However, this is hampered by issues regarding data sharing, including patient privacy, data de-identification, regulation, intellectual property, and data storage. These difficulties have lessened the impracticality of central data storage. In this survey, we will look at 24 research publications that concentrate on machine learning approaches linked to privacy preservation techniques for multi-institutional data, highlighting the multiple shortcomings of the existing methodologies. Researching different approaches will be made simpler in this case based on a number of factors, such as performance measures, year of publication and journals, achievements of the strategies in numerical assessments, and other factors. A technique analysis that considers the benefits and drawbacks of the strategies is additionally provided. The article also looks at some potential areas for future research as well as the challenges associated with increasing the accuracy of privacy protection techniques. The comparative evaluation of the approaches offers a thorough justification for the research’s purpose.

A Holistic Secure Communication Mechanism Using a Multilayered Cryptographic Protocol to Enhanced Security

In an era characterized by digital pervasiveness and rapidly expanding datasets,ensuring the integrity and reliability of information is paramount.As cyber threats evolve in complexity,traditional cryptographic methods face increasingly sophisticated challenges.This article initiates an exploration into these challenges,focusing on key exchanges(encompassing their variety and subtleties),scalability,and the time metrics associated with various cryptographic processes.We propose a novel cryptographic approach underpinned by theoretical frameworks and practical engineering.Central to this approach is a thorough analysis of the interplay between Confidentiality and Integrity,foundational pillars of information security.Our method employs a phased strategy,beginning with a detailed examination of traditional cryptographic processes,including Elliptic Curve Diffie-Hellman(ECDH)key exchanges.We also delve into encrypt/decrypt paradigms,signature generation modes,and the hashes used for Message Authentication Codes(MACs).Each process is rigorously evaluated for performance and reliability.To gain a comprehensive understanding,a meticulously designed simulation was conducted,revealing the strengths and potential improvement areas of various techniques.Notably,our cryptographic protocol achieved a confidentiality metric of 9.13 in comprehensive simulation runs,marking a significant advancement over existing methods.Furthermore,with integrity metrics at 9.35,the protocol’s resilience is further affirmed.These metrics,derived from stringent testing,underscore the protocol’s efficacy in enhancing data security.

Privacy Preserving Solution for the Asynchronous Localization of Underwater Sensor Networks

Location estimation of underwater sensor networks(USNs)has become a critical technology,due to its fundamental role in the sensing,communication and control of ocean volume.However,the asynchronous clock,security attack and mobility characteristics of underwater environment make localization much more challenging as compared with terrestrial sensor networks.This paper is concerned with a privacy-preserving asynchronous localization issue for USNs.Particularly,a hybrid network architecture that includes surface buoys,anchor nodes,active sensor nodes and ordinary sensor nodes is constructed.Then,an asynchronous localization protocol is provided,through which two privacy-preserving localization algorithms are designed to estimate the locations of active and ordinary sensor nodes.It is worth mentioning that,the proposed localization algorithms reveal disguised positions to the network,while they do not adopt any homomorphic encryption technique.More importantly,they can eliminate the effect of asynchronous clock,i.e.,clock skew and offset.The performance analyses for the privacy-preserving asynchronous localization algorithms are also presented.Finally,simulation and experiment results reveal that the proposed localization approach can avoid the leakage of position information,while the location accuracy can be significantly enhanced as compared with the other works.

Security and privacy in 6G networks:New areas and new challenges

With the deployment of more and more 5g networks,the limitations of 5g networks have been found,which undoubtedly promotes the exploratory research of 6G networks as the next generation solutions.These investigations include the fundamental security and privacy problems associated with 6G technologies.Therefore,in order to consolidate and solidify this foundational research as a basis for future investigations,we have prepared a survey on the status quo of 6G security and privacy.The survey begins with a historical review of previous networking technologies and how they have informed the current trends in 6G networking.We then discuss four key aspects of 6G networks–real-time intelligent edge computing,distributed artificial intelligence,intelligent radio,and 3D intercoms–and some promising emerging technologies in each area,along with the relevant security and privacy issues.The survey concludes with a report on the potential use of 6G.Some of the references used in this paper along and further details of several points raised can be found at:security-privacyin5g-6g.github.io.

An efficient data aggregation scheme with local differential privacy in smart grid

By integrating the traditional power grid with information and communication technology, smart grid achieves dependable, efficient, and flexible grid data processing. The smart meters deployed on the user side of the smart grid collect the users' power usage data on a regular basis and upload it to the control center to complete the smart grid data acquisition. The control center can evaluate the supply and demand of the power grid through aggregated data from users and then dynamically adjust the power supply and price, etc. However, since the grid data collected from users may disclose the user's electricity usage habits and daily activities, privacy concern has become a critical issue in smart grid data aggregation. Most of the existing privacy-preserving data collection schemes for smart grid adopt homomorphic encryption or randomization techniques which are either impractical because of the high computation overhead or unrealistic for requiring a trusted third party.

Security and privacy issues of physical objects in the IoT:Challenges and opportunities

In the Internet of Things(IoT),security and privacy issues of physical objects are crucial to the related applications.In order to clarify the complicated security and privacy issues,the life cycle of a physical object is divided into three stages of pre-working,in-working,and post-working.On this basis,a physical object-based security architecture for the IoT is put forward.According to the security architecture,security and privacy requirements and related protecting technologies for physical objects in different working stages are analyzed in detail.Considering the development of IoT technologies,potential security and privacy challenges that IoT objects may face in the pervasive computing environment are summarized.At the same time,possible directions for dealing with these challenges are also pointed out.