Expanding internet-connected services has increased cyberattacks,many of which have grave and disastrous repercussions.An Intrusion Detection System(IDS)plays an essential role in network security since it helps to pr...Expanding internet-connected services has increased cyberattacks,many of which have grave and disastrous repercussions.An Intrusion Detection System(IDS)plays an essential role in network security since it helps to protect the network from vulnerabilities and attacks.Although extensive research was reported in IDS,detecting novel intrusions with optimal features and reducing false alarm rates are still challenging.Therefore,we developed a novel fusion-based feature importance method to reduce the high dimensional feature space,which helps to identify attacks accurately with less false alarm rate.Initially,to improve training data quality,various preprocessing techniques are utilized.The Adaptive Synthetic oversampling technique generates synthetic samples for minority classes.In the proposed fusion-based feature importance,we use different approaches from the filter,wrapper,and embedded methods like mutual information,random forest importance,permutation importance,Shapley Additive exPlanations(SHAP)-based feature importance,and statistical feature importance methods like the difference of mean and median and standard deviation to rank each feature according to its rank.Then by simple plurality voting,the most optimal features are retrieved.Then the optimal features are fed to various models like Extra Tree(ET),Logistic Regression(LR),Support vector Machine(SVM),Decision Tree(DT),and Extreme Gradient Boosting Machine(XGBM).Then the hyperparameters of classification models are tuned with Halving Random Search cross-validation to enhance the performance.The experiments were carried out on the original imbalanced data and balanced data.The outcomes demonstrate that the balanced data scenario knocked out the imbalanced data.Finally,the experimental analysis proved that our proposed fusionbased feature importance performed well with XGBM giving an accuracy of 99.86%,99.68%,and 92.4%,with 9,7 and 8 features by training time of 1.5,4.5 and 5.5 s on Network Security Laboratory-Knowledge Discovery in Databases(NSL-KDD),Canadian Institute for Cybersecurity(CIC-IDS 2017),and UNSW-NB15,datasets respectively.In addition,the suggested technique has been examined and contrasted with the state of art methods on three datasets.展开更多
The wide application of intelligent terminals in microgrids has fueled the surge of data amount in recent years.In real-world scenarios,microgrids must store large amounts of data efficiently while also being able to ...The wide application of intelligent terminals in microgrids has fueled the surge of data amount in recent years.In real-world scenarios,microgrids must store large amounts of data efficiently while also being able to withstand malicious cyberattacks.To meet the high hardware resource requirements,address the vulnerability to network attacks and poor reliability in the tradi-tional centralized data storage schemes,this paper proposes a secure storage management method for microgrid data that considers node trust and directed acyclic graph(DAG)consensus mechanism.Firstly,the microgrid data storage model is designed based on the edge computing technology.The blockchain,deployed on the edge computing server and combined with cloud storage,ensures reliable data storage in the microgrid.Secondly,a blockchain consen-sus algorithm based on directed acyclic graph data structure is then proposed to effectively improve the data storage timeliness and avoid disadvantages in traditional blockchain topology such as long chain construction time and low consensus efficiency.Finally,considering the tolerance differences among the candidate chain-building nodes to network attacks,a hash value update mechanism of blockchain header with node trust identification to ensure data storage security is proposed.Experimental results from the microgrid data storage platform show that the proposed method can achieve a private key update time of less than 5 milliseconds.When the number of blockchain nodes is less than 25,the blockchain construction takes no more than 80 mins,and the data throughput is close to 300 kbps.Compared with the traditional chain-topology-based consensus methods that do not consider node trust,the proposed method has higher efficiency in data storage and better resistance to network attacks.展开更多
Searchable Encryption(SE)enables data owners to search remotely stored ciphertexts selectively.A practical model that is closest to real life should be able to handle search queries with multiple keywords and multiple...Searchable Encryption(SE)enables data owners to search remotely stored ciphertexts selectively.A practical model that is closest to real life should be able to handle search queries with multiple keywords and multiple data owners/users,and even return the top-k most relevant search results when requested.We refer to a model that satisfies all of the conditions a 3-multi ranked search model.However,SE schemes that have been proposed to date use fully trusted trapdoor generation centers,and several methods assume a secure connection between the data users and a trapdoor generation center.That is,they assume the trapdoor generation center is the only entity that can learn the information regarding queried keywords,but it will never attempt to use it in any other manner than that requested,which is impractical in real life.In this study,to enhance the security,we propose a new 3-multi ranked SE scheme that satisfies all conditions without these security assumptions.The proposed scheme uses randomized keywords to protect the interested keywords of users from both outside adversaries and the honest-but-curious trapdoor generation center,thereby preventing attackers from determining whether two different queries include the same keyword.Moreover,we develop a method for managing multiple encrypted keywords from every data owner,each encrypted with a different key.Our evaluation demonstrates that,despite the trade-off overhead that results from the weaker security assumption,the proposed scheme achieves reasonable performance compared to extant schemes,which implies that our scheme is practical and closest to real life.展开更多
As cloud computing is becoming prevalent, data owners are motivated to delegate complex data managements to the commercial cloud for economic savings. Sensitive data is usually encrypted before being uploaded to the c...As cloud computing is becoming prevalent, data owners are motivated to delegate complex data managements to the commercial cloud for economic savings. Sensitive data is usually encrypted before being uploaded to the cloud, which unfortunately makes the frequently-used search function a challenging problem. In this paper, we present a new multi-keyword dynamic search scheme with result ranking to make search over encrypted data more secure and practical. In the scheme, we employ a powerful function-hiding inner product encryption to enhance the security by preventing the leakage of search pattern. For the concern of efficiency, we adopt a tree-based index structure to facilitate the searching process and updating operations. A comprehensive security analysis is provided and experiments over the real world data show that our scheme is efficient.展开更多
The problem of information comparison is always an important field of SMC.In order to effectively solve the fully equal problem of multi-data for all information,a secure two-party multi-data comparison protocol for e...The problem of information comparison is always an important field of SMC.In order to effectively solve the fully equal problem of multi-data for all information,a secure two-party multi-data comparison protocol for equality(STMC)is proposed with the aid of the NTRU encryption.The protocol converts multi-data comparison problem for equality to polynomials comparison for equality.Analysis shows that the protocol is correct and security in semi-honest model.Being STMC as basic building block,a secure multi-party multi-data comparison protocol for equality(SMMC)is proposed.SMMC provides a solution which n participants hope to determine the equality of their private input sets,on the condition of no information leaked.This protocol is proved to be collusion-resistance security.The last,computational complexity and communication complexity of the two protocols are analyzed.It is shown that new protocols have low complexity.We also give applications in the secure multi-party information comparison problem and secure multi-party polynomial comparison problem.展开更多
Data outsourcing has become an important application of cloud computing.Driven by the growing security demands of data outsourcing applications,sensitive data have to be encrypted before outsourcing.Therefore,how to p...Data outsourcing has become an important application of cloud computing.Driven by the growing security demands of data outsourcing applications,sensitive data have to be encrypted before outsourcing.Therefore,how to properly encrypt data in a way that the encrypted and remotely stored data can still be queried has become a challenging issue.Searchable encryption scheme is proposed to allow users to search over encrypted data.However,most searchable encryption schemes do not consider search result diversification,resulting in information redundancy.In this paper,a verifiable diversity ranking search scheme over encrypted outsourced data is proposed while preserving privacy in cloud computing,which also supports search results verification.The goal is that the ranked documents concerning diversification instead of reading relevant documents that only deliver redundant information.Extensive experiments on real-world dataset validate our analysis and show that our proposed solution is effective for the diversification of documents and verification.展开更多
Efficiency and scalability are still the bottleneck for secure multi-party computation geometry (SMCG). In this work a secure planar convex hull (SPCH) protocol for large-scaled point sets in semi-honest model has...Efficiency and scalability are still the bottleneck for secure multi-party computation geometry (SMCG). In this work a secure planar convex hull (SPCH) protocol for large-scaled point sets in semi-honest model has been proposed efficiently to solve the above problems. Firstly, a novel priva- cy-preserving point-inclusion (PPPI) protocol is designed based on the classic homomorphic encryp- tion and secure cross product protocol, and it is demonstrated that the complexity of PPPI protocol is independent of the vertex size of the input convex hull. And then on the basis of the novel PPPI pro- tocol, an effective SPCH protocol is presented. Analysis shows that this SPCH protocol has a good performance for large-scaled point sets compared with previous solutions. Moreover, analysis finds that the complexity of our SPCH protocol relies on the size of the points on the outermost layer of the input point sets only.展开更多
Security measures for a computer network system can be enhanced with better understanding the vulnerabilities and their behavior over the time. It is observed that the effects of vulnerabilities vary with the time ove...Security measures for a computer network system can be enhanced with better understanding the vulnerabilities and their behavior over the time. It is observed that the effects of vulnerabilities vary with the time over their life cycle. In the present study, we have presented a new methodology to assess the magnitude of the risk of a vulnerability as a “Risk Rank”. To derive this new methodology well known Markovian approach with a transition probability matrix is used including relevant risk factors for discovered and recorded vulnerabilities. However, in addition to observing the risk factor for each vulnerability individually we have introduced the concept of ranking vulnerabilities at a particular time taking a similar approach to Google Page Rank Algorithm. New methodology is exemplified using a simple model of computer network with three recorded vulnerabilities with their CVSS scores.展开更多
In recent years,with the development of blockchain,electronic bidding auction has received more and more attention.Aiming at the possible problems of privacy leakage in the current electronic bidding and auction,this ...In recent years,with the development of blockchain,electronic bidding auction has received more and more attention.Aiming at the possible problems of privacy leakage in the current electronic bidding and auction,this paper proposes an electronic bidding auction system based on blockchain against malicious adversaries,which uses the secure multi-party computation to realize secure bidding auction protocol without any trusted third party.The protocol proposed in this paper is an electronic bidding auction scheme based on the threshold elliptic curve cryptography.It can be implemented without any third party to complete the bidding auction for some malicious behaviors of the participants,which can solve the problem of resisting malicious adversary attacks.The security of the protocol is proved by the real/ideal model paradigm,and the efficiency of the protocol is analyzed.The efficiency of the protocol is verified by simulating experiments,and the protocol has practical value.展开更多
To solve the data island problem,federated learning(FL)provides a solution paradigm where each client sends the model parameters but not the data to a server for model aggregation.Peer-to-peer(P2P)federated learning f...To solve the data island problem,federated learning(FL)provides a solution paradigm where each client sends the model parameters but not the data to a server for model aggregation.Peer-to-peer(P2P)federated learning further improves the robustness of the system,in which there is no server and each client communicates directly with the other.For secure aggregation,secure multi-party computing(SMPC)protocols have been utilized in peer-to-peer manner.However,the ideal SMPC protocols could fail when some clients drop out.In this paper,we propose a robust peer-to-peer learning(RP2PL)algorithm via SMPC to resist clients dropping out.We improve the segmentbased SMPC protocol by adding a check and designing the generation method of random segments.In RP2PL,each client aggregates their models by the improved robust secure multi-part computation protocol when finishes the local training.Experimental results demonstrate that the RP2PL paradigm can mitigate clients dropping out with no significant degradation in performance.展开更多
Security and privacy issues have attracted the attention of researchers in the field of IoT as the information processing scale grows in sensor networks.Quantum computing,theoretically known as an absolutely secure wa...Security and privacy issues have attracted the attention of researchers in the field of IoT as the information processing scale grows in sensor networks.Quantum computing,theoretically known as an absolutely secure way to store and transmit information as well as a speed-up way to accelerate local or distributed classical algorithms that are hard to solve with polynomial complexity in computation or communication.In this paper,we focus on the phase estimation method that is crucial to the realization of a general multi-party computing model,which is able to be accelerated by quantum algorithms.A novel multi-party phase estimation algorithm and the related quantum circuit are proposed by using a distributed Oracle operator with iterations.The proved theoretical communication complexity of this algorithm shows it can give the phase estimation before applying multi-party computing efficiently without increasing any additional complexity.Moreover,a practical problem of multi-party dating investigated shows it can make a successful estimation of the number of solution in advance with zero communication complexity by utilizing its special statistic feature.Sufficient simulations present the correctness,validity and efficiency of the proposed estimation method.展开更多
In our today’s life, it is obvious that cloud computing is one of the new and most important innovations in the field of information technology which constitutes the ground for speeding up the development in great si...In our today’s life, it is obvious that cloud computing is one of the new and most important innovations in the field of information technology which constitutes the ground for speeding up the development in great size storage of data as well as the processing and distribution of data on the largest scale. In other words, the most important interests of any data owner nowadays are related to all of the security as well as the privacy of data, especially in the case of outsourcing private data on a cloud server publicly which has not been one of the well-trusted and reliable domains. With the aim of avoiding any leakage or disclosure of information, we will encrypt any information important or confidential prior to being uploaded to the server and this may lead to an obstacle which encounters any attempt to support any efficient keyword query to be and ranked with matching results on such encrypted data. Recent researches conducted in this area have focused on a single keyword query with no proper ranking scheme in hand. In this paper, we will propose a new model called Secure Model for Preserving Privacy Over Encrypted Cloud Computing (SPEC) to improve the performance of cloud computing and to safeguard privacy of data in comparison to the results of previous researches in regard to accuracy, privacy, security, key generation, storage capacity as well as trapdoor, index generation, index encryption, index update, and finally files retrieval depending on access frequency.展开更多
In software-defined networking(SDN),controllers are sinks of information such as network topology collected from switches.Organizations often like to protect their internal network topology and keep their network poli...In software-defined networking(SDN),controllers are sinks of information such as network topology collected from switches.Organizations often like to protect their internal network topology and keep their network policies private.We borrow techniques from secure multi-party computation(SMC)to preserve the privacy of policies of SDN controllers about status of routers.On the other hand,the number of controllers is one of the most important concerns in scalability of SMC application in SDNs.To address this issue,we formulate an optimization problem to minimize the number of SDN controllers while considering their reliability in SMC operations.We use Non-Dominated Sorting Genetic Algorithm II(NSGA-II)to determine the optimal number of controllers,and simulate SMC for typical SDNs with this number of controllers.Simulation results show that applying the SMC technique to preserve the privacy of organization policies causes only a little delay in SDNs,which is completely justifiable by the privacy obtained.展开更多
Secure multi-party computation(MPC)allows a set of parties to jointly compute a function on their private inputs,and reveals nothing but the output of the function.In the last decade,MPC has rapidly moved from a purel...Secure multi-party computation(MPC)allows a set of parties to jointly compute a function on their private inputs,and reveals nothing but the output of the function.In the last decade,MPC has rapidly moved from a purely theoretical study to an object of practical interest,with a growing interest in practical applications such as privacy-preserving machine learning(PPML).In this paper,we comprehensively survey existing work on concretely ecient MPC protocols with both semi-honest and malicious security,in both dishonest-majority and honest-majority settings.We focus on considering the notion of security with abort,meaning that corrupted parties could prevent honest parties from receiving output after they receive output.We present high-level ideas of the basic and key approaches for designing di erent styles of MPC protocols and the crucial building blocks of MPC.For MPC applications,we compare the known PPML protocols built on MPC,and describe the eciency of private inference and training for the state-of-the-art PPML protocols.Further-more,we summarize several challenges and open problems to break though the eciency of MPC protocols as well as some interesting future work that is worth being addressed.This survey aims to provide the recent development and key approaches of MPC to researchers,who are interested in knowing,improving,and applying concretely ecient MPC protocols.展开更多
Universality is an important property in software and hardware design.This paper concentrates on the universality of quantum secure multi-party computation(SMC)protocol.First of all,an in-depth study of universality h...Universality is an important property in software and hardware design.This paper concentrates on the universality of quantum secure multi-party computation(SMC)protocol.First of all,an in-depth study of universality has been conducted,and then a nearly universal protocol is proposed by using the Greenberger-Horne-Zeilinger(GHZ)-like state and stabilizer formalism.The protocol can resolve the quantum SMC problem which can be deduced as modulo subtraction,and the steps are simple and effective.Secondly,three quantum SMC protocols based on the proposed universal protocol:Quantum private comparison(QPC)protocol,quantum millionaire(QM)protocol,and quantum multi-party summation(QMS)protocol are presented.These protocols are given as examples to explain universality.Thirdly,analyses of the example protocols are shown.Concretely,the correctness,fairness,and efficiency are confirmed.And the proposed universal protocol meets security from the perspective of preventing inside attacks and outside attacks.Finally,the experimental results of the example protocols on the International Business Machines(IBM)quantum platform are consistent with the theoretical results.Our research indicates that our protocol is universal to a certain degree and easy to perform.展开更多
This paper proposes an efficient batch secret sharing protocol among n players resilient to t 〈 n/4 players in asynchronous network. The construction of our protocol is along the line of Hirt's protocol which works ...This paper proposes an efficient batch secret sharing protocol among n players resilient to t 〈 n/4 players in asynchronous network. The construction of our protocol is along the line of Hirt's protocol which works in synchronous model. Compared with the method of using secret share protocol m times to share m secrets, our protocol is quite efficient. The protocol can be used to improve the efficiency of secure multi-party computation (MPC) greatly in asynchronous network.展开更多
文摘Expanding internet-connected services has increased cyberattacks,many of which have grave and disastrous repercussions.An Intrusion Detection System(IDS)plays an essential role in network security since it helps to protect the network from vulnerabilities and attacks.Although extensive research was reported in IDS,detecting novel intrusions with optimal features and reducing false alarm rates are still challenging.Therefore,we developed a novel fusion-based feature importance method to reduce the high dimensional feature space,which helps to identify attacks accurately with less false alarm rate.Initially,to improve training data quality,various preprocessing techniques are utilized.The Adaptive Synthetic oversampling technique generates synthetic samples for minority classes.In the proposed fusion-based feature importance,we use different approaches from the filter,wrapper,and embedded methods like mutual information,random forest importance,permutation importance,Shapley Additive exPlanations(SHAP)-based feature importance,and statistical feature importance methods like the difference of mean and median and standard deviation to rank each feature according to its rank.Then by simple plurality voting,the most optimal features are retrieved.Then the optimal features are fed to various models like Extra Tree(ET),Logistic Regression(LR),Support vector Machine(SVM),Decision Tree(DT),and Extreme Gradient Boosting Machine(XGBM).Then the hyperparameters of classification models are tuned with Halving Random Search cross-validation to enhance the performance.The experiments were carried out on the original imbalanced data and balanced data.The outcomes demonstrate that the balanced data scenario knocked out the imbalanced data.Finally,the experimental analysis proved that our proposed fusionbased feature importance performed well with XGBM giving an accuracy of 99.86%,99.68%,and 92.4%,with 9,7 and 8 features by training time of 1.5,4.5 and 5.5 s on Network Security Laboratory-Knowledge Discovery in Databases(NSL-KDD),Canadian Institute for Cybersecurity(CIC-IDS 2017),and UNSW-NB15,datasets respectively.In addition,the suggested technique has been examined and contrasted with the state of art methods on three datasets.
文摘The wide application of intelligent terminals in microgrids has fueled the surge of data amount in recent years.In real-world scenarios,microgrids must store large amounts of data efficiently while also being able to withstand malicious cyberattacks.To meet the high hardware resource requirements,address the vulnerability to network attacks and poor reliability in the tradi-tional centralized data storage schemes,this paper proposes a secure storage management method for microgrid data that considers node trust and directed acyclic graph(DAG)consensus mechanism.Firstly,the microgrid data storage model is designed based on the edge computing technology.The blockchain,deployed on the edge computing server and combined with cloud storage,ensures reliable data storage in the microgrid.Secondly,a blockchain consen-sus algorithm based on directed acyclic graph data structure is then proposed to effectively improve the data storage timeliness and avoid disadvantages in traditional blockchain topology such as long chain construction time and low consensus efficiency.Finally,considering the tolerance differences among the candidate chain-building nodes to network attacks,a hash value update mechanism of blockchain header with node trust identification to ensure data storage security is proposed.Experimental results from the microgrid data storage platform show that the proposed method can achieve a private key update time of less than 5 milliseconds.When the number of blockchain nodes is less than 25,the blockchain construction takes no more than 80 mins,and the data throughput is close to 300 kbps.Compared with the traditional chain-topology-based consensus methods that do not consider node trust,the proposed method has higher efficiency in data storage and better resistance to network attacks.
基金supported by the MSIT(Ministry of Science,ICT),Korea,under the High-Potential Individuals Global Training Program)(2021-0-01547-001)supervised by the IITP(Institute for Information&Communications Technology Planning&Evaluation)the National Research Foundation of Korea(NRF)grant funded by the Ministry of Science and ICT(NRF-2022R1A2C2007255).
文摘Searchable Encryption(SE)enables data owners to search remotely stored ciphertexts selectively.A practical model that is closest to real life should be able to handle search queries with multiple keywords and multiple data owners/users,and even return the top-k most relevant search results when requested.We refer to a model that satisfies all of the conditions a 3-multi ranked search model.However,SE schemes that have been proposed to date use fully trusted trapdoor generation centers,and several methods assume a secure connection between the data users and a trapdoor generation center.That is,they assume the trapdoor generation center is the only entity that can learn the information regarding queried keywords,but it will never attempt to use it in any other manner than that requested,which is impractical in real life.In this study,to enhance the security,we propose a new 3-multi ranked SE scheme that satisfies all conditions without these security assumptions.The proposed scheme uses randomized keywords to protect the interested keywords of users from both outside adversaries and the honest-but-curious trapdoor generation center,thereby preventing attackers from determining whether two different queries include the same keyword.Moreover,we develop a method for managing multiple encrypted keywords from every data owner,each encrypted with a different key.Our evaluation demonstrates that,despite the trade-off overhead that results from the weaker security assumption,the proposed scheme achieves reasonable performance compared to extant schemes,which implies that our scheme is practical and closest to real life.
基金supported in part by the National Natural Science Foundation of China (61272481, 61572460, 61402352)the National Key Research and Development Project (2016YFB0800703)+2 种基金the National Information Security Special Projects of National Developmentthe Reform Commission of China [(2012)1424]China 111 Project (No. B16037)
文摘As cloud computing is becoming prevalent, data owners are motivated to delegate complex data managements to the commercial cloud for economic savings. Sensitive data is usually encrypted before being uploaded to the cloud, which unfortunately makes the frequently-used search function a challenging problem. In this paper, we present a new multi-keyword dynamic search scheme with result ranking to make search over encrypted data more secure and practical. In the scheme, we employ a powerful function-hiding inner product encryption to enhance the security by preventing the leakage of search pattern. For the concern of efficiency, we adopt a tree-based index structure to facilitate the searching process and updating operations. A comprehensive security analysis is provided and experiments over the real world data show that our scheme is efficient.
文摘The problem of information comparison is always an important field of SMC.In order to effectively solve the fully equal problem of multi-data for all information,a secure two-party multi-data comparison protocol for equality(STMC)is proposed with the aid of the NTRU encryption.The protocol converts multi-data comparison problem for equality to polynomials comparison for equality.Analysis shows that the protocol is correct and security in semi-honest model.Being STMC as basic building block,a secure multi-party multi-data comparison protocol for equality(SMMC)is proposed.SMMC provides a solution which n participants hope to determine the equality of their private input sets,on the condition of no information leaked.This protocol is proved to be collusion-resistance security.The last,computational complexity and communication complexity of the two protocols are analyzed.It is shown that new protocols have low complexity.We also give applications in the secure multi-party information comparison problem and secure multi-party polynomial comparison problem.
基金This work is supported,in part,by the National Natural Science Foundation of China under grant numbers 61103215in part,by Hunan Provincial Natural Science Foundation of China.
文摘Data outsourcing has become an important application of cloud computing.Driven by the growing security demands of data outsourcing applications,sensitive data have to be encrypted before outsourcing.Therefore,how to properly encrypt data in a way that the encrypted and remotely stored data can still be queried has become a challenging issue.Searchable encryption scheme is proposed to allow users to search over encrypted data.However,most searchable encryption schemes do not consider search result diversification,resulting in information redundancy.In this paper,a verifiable diversity ranking search scheme over encrypted outsourced data is proposed while preserving privacy in cloud computing,which also supports search results verification.The goal is that the ranked documents concerning diversification instead of reading relevant documents that only deliver redundant information.Extensive experiments on real-world dataset validate our analysis and show that our proposed solution is effective for the diversification of documents and verification.
基金Supported by the Young Scientists Program of CUEB(No.2014XJQ016,00791462722337)National Natural Science Foundation of China(No.61302087)+1 种基金Young Scientific Research Starting Foundation of CUEBImprove Scientific Research Foundation of Beijing Education
文摘Efficiency and scalability are still the bottleneck for secure multi-party computation geometry (SMCG). In this work a secure planar convex hull (SPCH) protocol for large-scaled point sets in semi-honest model has been proposed efficiently to solve the above problems. Firstly, a novel priva- cy-preserving point-inclusion (PPPI) protocol is designed based on the classic homomorphic encryp- tion and secure cross product protocol, and it is demonstrated that the complexity of PPPI protocol is independent of the vertex size of the input convex hull. And then on the basis of the novel PPPI pro- tocol, an effective SPCH protocol is presented. Analysis shows that this SPCH protocol has a good performance for large-scaled point sets compared with previous solutions. Moreover, analysis finds that the complexity of our SPCH protocol relies on the size of the points on the outermost layer of the input point sets only.
文摘Security measures for a computer network system can be enhanced with better understanding the vulnerabilities and their behavior over the time. It is observed that the effects of vulnerabilities vary with the time over their life cycle. In the present study, we have presented a new methodology to assess the magnitude of the risk of a vulnerability as a “Risk Rank”. To derive this new methodology well known Markovian approach with a transition probability matrix is used including relevant risk factors for discovered and recorded vulnerabilities. However, in addition to observing the risk factor for each vulnerability individually we have introduced the concept of ranking vulnerabilities at a particular time taking a similar approach to Google Page Rank Algorithm. New methodology is exemplified using a simple model of computer network with three recorded vulnerabilities with their CVSS scores.
基金supported by Inner Mongolia Natural Science Foundation(2021MS06006)2023 Inner Mongolia Young Science and Technology Talents Support Project(NJYT23106)+10 种基金2022 Basic Scientific Research Project of Direct Universities of Inner Mongolia(2022-101)2022 Fund Project of Central Government Guiding Local Science and Technology Development(2022ZY0024)2022 Chinese Academy of Sciences“Western Light”Talent Training Program“Western Young Scholars”Project(22040601)Open Foundation of State key Laboratory of Networking and Switching Technology(Beijing University of Posts and Telecommunications)(SKLNST-2023-1-08)Inner Mongolia Discipline Inspection and Supervision Big Data Laboratory Open Project Fund(IMDBD202020)Baotou Kundulun District Science and Technology Plan Project(YF2020013)the 14th Five Year Plan of Education and Science of Inner Mongolia(NGJGH2021167)Inner Mongolia Science and Technology Major Project(2019ZD025)2022 Inner Mongolia Postgraduate Education and Teaching Reform Project(JGSZ2022037)Inner Mongolia Postgraduate Scientific Research Innovation Project(S20231164Z)Research and Application Project of Big Data Privacy Security Computing System(2023)。
文摘In recent years,with the development of blockchain,electronic bidding auction has received more and more attention.Aiming at the possible problems of privacy leakage in the current electronic bidding and auction,this paper proposes an electronic bidding auction system based on blockchain against malicious adversaries,which uses the secure multi-party computation to realize secure bidding auction protocol without any trusted third party.The protocol proposed in this paper is an electronic bidding auction scheme based on the threshold elliptic curve cryptography.It can be implemented without any third party to complete the bidding auction for some malicious behaviors of the participants,which can solve the problem of resisting malicious adversary attacks.The security of the protocol is proved by the real/ideal model paradigm,and the efficiency of the protocol is analyzed.The efficiency of the protocol is verified by simulating experiments,and the protocol has practical value.
基金supported by the National Key R&D Program of China(2022YFB3102100)Shenzhen Fundamental Research Program(JCYJ20220818102414030)+2 种基金the Major Key Project of PCL(PCL2022A03)Shenzhen Science and Technology Program(ZDSYS20210623091809029)Guangdong Provincial Key Laboratory of Novel Security Intelligence Technologies(2022B1212010005).
文摘To solve the data island problem,federated learning(FL)provides a solution paradigm where each client sends the model parameters but not the data to a server for model aggregation.Peer-to-peer(P2P)federated learning further improves the robustness of the system,in which there is no server and each client communicates directly with the other.For secure aggregation,secure multi-party computing(SMPC)protocols have been utilized in peer-to-peer manner.However,the ideal SMPC protocols could fail when some clients drop out.In this paper,we propose a robust peer-to-peer learning(RP2PL)algorithm via SMPC to resist clients dropping out.We improve the segmentbased SMPC protocol by adding a check and designing the generation method of random segments.In RP2PL,each client aggregates their models by the improved robust secure multi-part computation protocol when finishes the local training.Experimental results demonstrate that the RP2PL paradigm can mitigate clients dropping out with no significant degradation in performance.
基金Supported by the National Natural Science Foundation of China under Grant Nos.61501247,61373131 and 61702277,the Six Talent Peaks Project of Jiangsu Province(Grant No.2015-XXRJ-013)Natural Science Foundation of Jiangsu Province(Grant No.BK20171458)+3 种基金the Natural Science Foundation of the Higher Education Institutions of Jiangsu Province(China under Grant No.16KJB520030)the NUIST Research Foundation for Talented Scholars under Grant Nos.2015r014,PAPD and CICAEET fundsfunded in part by the Science and Technology Development Fund,Macao SAR(File No.SKL-IOTSC-2018-2020,0018/2019/AKP,0008/2019/AGJ,and FDCT/194/2017/A3)in part by the University of Macao under Grant Nos.MYRG2018-00248-FST and MYRG2019-0137-FST.
文摘Security and privacy issues have attracted the attention of researchers in the field of IoT as the information processing scale grows in sensor networks.Quantum computing,theoretically known as an absolutely secure way to store and transmit information as well as a speed-up way to accelerate local or distributed classical algorithms that are hard to solve with polynomial complexity in computation or communication.In this paper,we focus on the phase estimation method that is crucial to the realization of a general multi-party computing model,which is able to be accelerated by quantum algorithms.A novel multi-party phase estimation algorithm and the related quantum circuit are proposed by using a distributed Oracle operator with iterations.The proved theoretical communication complexity of this algorithm shows it can give the phase estimation before applying multi-party computing efficiently without increasing any additional complexity.Moreover,a practical problem of multi-party dating investigated shows it can make a successful estimation of the number of solution in advance with zero communication complexity by utilizing its special statistic feature.Sufficient simulations present the correctness,validity and efficiency of the proposed estimation method.
文摘In our today’s life, it is obvious that cloud computing is one of the new and most important innovations in the field of information technology which constitutes the ground for speeding up the development in great size storage of data as well as the processing and distribution of data on the largest scale. In other words, the most important interests of any data owner nowadays are related to all of the security as well as the privacy of data, especially in the case of outsourcing private data on a cloud server publicly which has not been one of the well-trusted and reliable domains. With the aim of avoiding any leakage or disclosure of information, we will encrypt any information important or confidential prior to being uploaded to the server and this may lead to an obstacle which encounters any attempt to support any efficient keyword query to be and ranked with matching results on such encrypted data. Recent researches conducted in this area have focused on a single keyword query with no proper ranking scheme in hand. In this paper, we will propose a new model called Secure Model for Preserving Privacy Over Encrypted Cloud Computing (SPEC) to improve the performance of cloud computing and to safeguard privacy of data in comparison to the results of previous researches in regard to accuracy, privacy, security, key generation, storage capacity as well as trapdoor, index generation, index encryption, index update, and finally files retrieval depending on access frequency.
文摘In software-defined networking(SDN),controllers are sinks of information such as network topology collected from switches.Organizations often like to protect their internal network topology and keep their network policies private.We borrow techniques from secure multi-party computation(SMC)to preserve the privacy of policies of SDN controllers about status of routers.On the other hand,the number of controllers is one of the most important concerns in scalability of SMC application in SDNs.To address this issue,we formulate an optimization problem to minimize the number of SDN controllers while considering their reliability in SMC operations.We use Non-Dominated Sorting Genetic Algorithm II(NSGA-II)to determine the optimal number of controllers,and simulate SMC for typical SDNs with this number of controllers.Simulation results show that applying the SMC technique to preserve the privacy of organization policies causes only a little delay in SDNs,which is completely justifiable by the privacy obtained.
基金the National Key Research and Development Program of China(Grant No.2018YFB0804105)in part by the National Natural Science Foundation of China(Grant Nos.62102037,61932019).
文摘Secure multi-party computation(MPC)allows a set of parties to jointly compute a function on their private inputs,and reveals nothing but the output of the function.In the last decade,MPC has rapidly moved from a purely theoretical study to an object of practical interest,with a growing interest in practical applications such as privacy-preserving machine learning(PPML).In this paper,we comprehensively survey existing work on concretely ecient MPC protocols with both semi-honest and malicious security,in both dishonest-majority and honest-majority settings.We focus on considering the notion of security with abort,meaning that corrupted parties could prevent honest parties from receiving output after they receive output.We present high-level ideas of the basic and key approaches for designing di erent styles of MPC protocols and the crucial building blocks of MPC.For MPC applications,we compare the known PPML protocols built on MPC,and describe the eciency of private inference and training for the state-of-the-art PPML protocols.Further-more,we summarize several challenges and open problems to break though the eciency of MPC protocols as well as some interesting future work that is worth being addressed.This survey aims to provide the recent development and key approaches of MPC to researchers,who are interested in knowing,improving,and applying concretely ecient MPC protocols.
基金supported by the National Key Research and Development Program of China(2020YFB1805405)the 111 Project(B21049)+1 种基金the Foundation of Guizhou Provincial Key Laboratory of Public Big Data(2019BDKFJJ014)the Fundamental Research Funds for the Central Universities(2020RC38)
文摘Universality is an important property in software and hardware design.This paper concentrates on the universality of quantum secure multi-party computation(SMC)protocol.First of all,an in-depth study of universality has been conducted,and then a nearly universal protocol is proposed by using the Greenberger-Horne-Zeilinger(GHZ)-like state and stabilizer formalism.The protocol can resolve the quantum SMC problem which can be deduced as modulo subtraction,and the steps are simple and effective.Secondly,three quantum SMC protocols based on the proposed universal protocol:Quantum private comparison(QPC)protocol,quantum millionaire(QM)protocol,and quantum multi-party summation(QMS)protocol are presented.These protocols are given as examples to explain universality.Thirdly,analyses of the example protocols are shown.Concretely,the correctness,fairness,and efficiency are confirmed.And the proposed universal protocol meets security from the perspective of preventing inside attacks and outside attacks.Finally,the experimental results of the example protocols on the International Business Machines(IBM)quantum platform are consistent with the theoretical results.Our research indicates that our protocol is universal to a certain degree and easy to perform.
基金the National Natural Science Foundation of China(No.60803146)
文摘This paper proposes an efficient batch secret sharing protocol among n players resilient to t 〈 n/4 players in asynchronous network. The construction of our protocol is along the line of Hirt's protocol which works in synchronous model. Compared with the method of using secret share protocol m times to share m secrets, our protocol is quite efficient. The protocol can be used to improve the efficiency of secure multi-party computation (MPC) greatly in asynchronous network.