The wide application of intelligent terminals in microgrids has fueled the surge of data amount in recent years.In real-world scenarios,microgrids must store large amounts of data efficiently while also being able to ...The wide application of intelligent terminals in microgrids has fueled the surge of data amount in recent years.In real-world scenarios,microgrids must store large amounts of data efficiently while also being able to withstand malicious cyberattacks.To meet the high hardware resource requirements,address the vulnerability to network attacks and poor reliability in the tradi-tional centralized data storage schemes,this paper proposes a secure storage management method for microgrid data that considers node trust and directed acyclic graph(DAG)consensus mechanism.Firstly,the microgrid data storage model is designed based on the edge computing technology.The blockchain,deployed on the edge computing server and combined with cloud storage,ensures reliable data storage in the microgrid.Secondly,a blockchain consen-sus algorithm based on directed acyclic graph data structure is then proposed to effectively improve the data storage timeliness and avoid disadvantages in traditional blockchain topology such as long chain construction time and low consensus efficiency.Finally,considering the tolerance differences among the candidate chain-building nodes to network attacks,a hash value update mechanism of blockchain header with node trust identification to ensure data storage security is proposed.Experimental results from the microgrid data storage platform show that the proposed method can achieve a private key update time of less than 5 milliseconds.When the number of blockchain nodes is less than 25,the blockchain construction takes no more than 80 mins,and the data throughput is close to 300 kbps.Compared with the traditional chain-topology-based consensus methods that do not consider node trust,the proposed method has higher efficiency in data storage and better resistance to network attacks.展开更多
The problem of information comparison is always an important field of SMC.In order to effectively solve the fully equal problem of multi-data for all information,a secure two-party multi-data comparison protocol for e...The problem of information comparison is always an important field of SMC.In order to effectively solve the fully equal problem of multi-data for all information,a secure two-party multi-data comparison protocol for equality(STMC)is proposed with the aid of the NTRU encryption.The protocol converts multi-data comparison problem for equality to polynomials comparison for equality.Analysis shows that the protocol is correct and security in semi-honest model.Being STMC as basic building block,a secure multi-party multi-data comparison protocol for equality(SMMC)is proposed.SMMC provides a solution which n participants hope to determine the equality of their private input sets,on the condition of no information leaked.This protocol is proved to be collusion-resistance security.The last,computational complexity and communication complexity of the two protocols are analyzed.It is shown that new protocols have low complexity.We also give applications in the secure multi-party information comparison problem and secure multi-party polynomial comparison problem.展开更多
Efficiency and scalability are still the bottleneck for secure multi-party computation geometry (SMCG). In this work a secure planar convex hull (SPCH) protocol for large-scaled point sets in semi-honest model has...Efficiency and scalability are still the bottleneck for secure multi-party computation geometry (SMCG). In this work a secure planar convex hull (SPCH) protocol for large-scaled point sets in semi-honest model has been proposed efficiently to solve the above problems. Firstly, a novel priva- cy-preserving point-inclusion (PPPI) protocol is designed based on the classic homomorphic encryp- tion and secure cross product protocol, and it is demonstrated that the complexity of PPPI protocol is independent of the vertex size of the input convex hull. And then on the basis of the novel PPPI pro- tocol, an effective SPCH protocol is presented. Analysis shows that this SPCH protocol has a good performance for large-scaled point sets compared with previous solutions. Moreover, analysis finds that the complexity of our SPCH protocol relies on the size of the points on the outermost layer of the input point sets only.展开更多
With the rapid development of the Internet of Things (IoT), non-Orthogonal Multiple Access (NOMA) technology and cognitive wireless network are two promising technologies to improve the spectral efficiency of the syst...With the rapid development of the Internet of Things (IoT), non-Orthogonal Multiple Access (NOMA) technology and cognitive wireless network are two promising technologies to improve the spectral efficiency of the system, which have been widely concerned in the field of wireless communication. However, due to the importance of ownership and privacy protection, the IoT system must provide corresponding security mechanisms. From the perspective of improving the transmission security of CR-NOMA system based on cognitive wireless network, and considering the shortcomings of traditional relay cooperative NOMA system, this paper mainly analyzes the eavesdropping channel model of multi-user CR-NOMA system and derives the expressions of system security and rate to improve the security performance of CR-NOMA system. The basic idea of DC planning algorithm and the scheme of sub-carrier power allocation to improve the transmission security of the system were introduced. An algorithm for DC-CR-NOMA was proposed to maximize the SSR of the system and minimize the energy loss. The simulation results show that under the same complexity, the security and speed of the system can be greatly improved compared with the traditional scheme.展开更多
为解决日趋严重的工业控制系统(industrial control system,ICS)信息安全问题,提出一种针对工业控制网络的非参数累积和(cumulative sum,CUSUM)入侵检测方法.利用ICS输入决定输出的特性,建立ICS的数学模型预测系统的输出,一旦控制系统...为解决日趋严重的工业控制系统(industrial control system,ICS)信息安全问题,提出一种针对工业控制网络的非参数累积和(cumulative sum,CUSUM)入侵检测方法.利用ICS输入决定输出的特性,建立ICS的数学模型预测系统的输出,一旦控制系统的传感器遭受攻击,实际输出信号将发生改变.在每个时刻,计算工业控制模型的预测输出与传感器测量信号的差值,形成基于时间的统计序列,采用非参数CUSUM算法,实现在线检测入侵并报警.仿真检测实验证明,该方法具有良好的实时性和低误报率.选择适当的非参数CUSUM算法参数τ和β,该入侵检测方法不但能在攻击对控制系统造成实质伤害前检测出攻击,还对监测ICS中的误操作有一定帮助.展开更多
In recent years,with the development of blockchain,electronic bidding auction has received more and more attention.Aiming at the possible problems of privacy leakage in the current electronic bidding and auction,this ...In recent years,with the development of blockchain,electronic bidding auction has received more and more attention.Aiming at the possible problems of privacy leakage in the current electronic bidding and auction,this paper proposes an electronic bidding auction system based on blockchain against malicious adversaries,which uses the secure multi-party computation to realize secure bidding auction protocol without any trusted third party.The protocol proposed in this paper is an electronic bidding auction scheme based on the threshold elliptic curve cryptography.It can be implemented without any third party to complete the bidding auction for some malicious behaviors of the participants,which can solve the problem of resisting malicious adversary attacks.The security of the protocol is proved by the real/ideal model paradigm,and the efficiency of the protocol is analyzed.The efficiency of the protocol is verified by simulating experiments,and the protocol has practical value.展开更多
To solve the data island problem,federated learning(FL)provides a solution paradigm where each client sends the model parameters but not the data to a server for model aggregation.Peer-to-peer(P2P)federated learning f...To solve the data island problem,federated learning(FL)provides a solution paradigm where each client sends the model parameters but not the data to a server for model aggregation.Peer-to-peer(P2P)federated learning further improves the robustness of the system,in which there is no server and each client communicates directly with the other.For secure aggregation,secure multi-party computing(SMPC)protocols have been utilized in peer-to-peer manner.However,the ideal SMPC protocols could fail when some clients drop out.In this paper,we propose a robust peer-to-peer learning(RP2PL)algorithm via SMPC to resist clients dropping out.We improve the segmentbased SMPC protocol by adding a check and designing the generation method of random segments.In RP2PL,each client aggregates their models by the improved robust secure multi-part computation protocol when finishes the local training.Experimental results demonstrate that the RP2PL paradigm can mitigate clients dropping out with no significant degradation in performance.展开更多
To protect the systems exposed to the Internet against attacks, a security system with the capability to engage with the attacker is needed. There have been attempts to model the engagement/interactions between users,...To protect the systems exposed to the Internet against attacks, a security system with the capability to engage with the attacker is needed. There have been attempts to model the engagement/interactions between users, both benign and malicious, and network administrators as games. Building on such works, we present a game model which is generic enough to capture various modes of such interactions. The model facilitates stochastic games with imperfect information. The information is imperfect due to erroneous sensors leading to incorrect perception of the current state by the players. To model this error in perception distributed over other multiple states, we use Euclidean distances between the outputs of the sensors. We build a 5-state game to represent the interaction of the administrator with the user. The states correspond to 1) the user being out of the system in the Internet, and after logging in to the system;2) having low privileges;3) having high privileges;4) when he successfully attacks and 5) gets trapped in a honeypot by the administrator. Each state has its own action set. We present the game with a distinct perceived action set corresponding to each distinct information set of these states. The model facilitates stochastic games with imperfect information. The imperfect information is due to erroneous sensors leading to incorrect perception of the current state by the players. To model this error in perception distributed over the states, we use Euclidean distances between outputs of the sensors. A numerical simulation of an example game is presented to show the evaluation of rewards to the players and the preferred strategies. We also present the conditions for formulating the strategies when dealing with more than one attacker and making collaborations.展开更多
Security and privacy issues have attracted the attention of researchers in the field of IoT as the information processing scale grows in sensor networks.Quantum computing,theoretically known as an absolutely secure wa...Security and privacy issues have attracted the attention of researchers in the field of IoT as the information processing scale grows in sensor networks.Quantum computing,theoretically known as an absolutely secure way to store and transmit information as well as a speed-up way to accelerate local or distributed classical algorithms that are hard to solve with polynomial complexity in computation or communication.In this paper,we focus on the phase estimation method that is crucial to the realization of a general multi-party computing model,which is able to be accelerated by quantum algorithms.A novel multi-party phase estimation algorithm and the related quantum circuit are proposed by using a distributed Oracle operator with iterations.The proved theoretical communication complexity of this algorithm shows it can give the phase estimation before applying multi-party computing efficiently without increasing any additional complexity.Moreover,a practical problem of multi-party dating investigated shows it can make a successful estimation of the number of solution in advance with zero communication complexity by utilizing its special statistic feature.Sufficient simulations present the correctness,validity and efficiency of the proposed estimation method.展开更多
To keep the secrecy performance from being badly influenced by untrusted relay(UR), a multi-UR network through amplify-and-forward(AF) cooperative scheme is put forward, which takes relay weight and harmful factor int...To keep the secrecy performance from being badly influenced by untrusted relay(UR), a multi-UR network through amplify-and-forward(AF) cooperative scheme is put forward, which takes relay weight and harmful factor into account. A nonzero-sum game is established to capture the interaction among URs and detection strategies. Secrecy capacity is investigated as game payoff to indicate the untrusted behaviors of the relays. The maximum probabilities of the behaviors of relay and the optimal system detection strategy can be obtained by using the proposed algorithm.展开更多
In software-defined networking(SDN),controllers are sinks of information such as network topology collected from switches.Organizations often like to protect their internal network topology and keep their network poli...In software-defined networking(SDN),controllers are sinks of information such as network topology collected from switches.Organizations often like to protect their internal network topology and keep their network policies private.We borrow techniques from secure multi-party computation(SMC)to preserve the privacy of policies of SDN controllers about status of routers.On the other hand,the number of controllers is one of the most important concerns in scalability of SMC application in SDNs.To address this issue,we formulate an optimization problem to minimize the number of SDN controllers while considering their reliability in SMC operations.We use Non-Dominated Sorting Genetic Algorithm II(NSGA-II)to determine the optimal number of controllers,and simulate SMC for typical SDNs with this number of controllers.Simulation results show that applying the SMC technique to preserve the privacy of organization policies causes only a little delay in SDNs,which is completely justifiable by the privacy obtained.展开更多
文摘The wide application of intelligent terminals in microgrids has fueled the surge of data amount in recent years.In real-world scenarios,microgrids must store large amounts of data efficiently while also being able to withstand malicious cyberattacks.To meet the high hardware resource requirements,address the vulnerability to network attacks and poor reliability in the tradi-tional centralized data storage schemes,this paper proposes a secure storage management method for microgrid data that considers node trust and directed acyclic graph(DAG)consensus mechanism.Firstly,the microgrid data storage model is designed based on the edge computing technology.The blockchain,deployed on the edge computing server and combined with cloud storage,ensures reliable data storage in the microgrid.Secondly,a blockchain consen-sus algorithm based on directed acyclic graph data structure is then proposed to effectively improve the data storage timeliness and avoid disadvantages in traditional blockchain topology such as long chain construction time and low consensus efficiency.Finally,considering the tolerance differences among the candidate chain-building nodes to network attacks,a hash value update mechanism of blockchain header with node trust identification to ensure data storage security is proposed.Experimental results from the microgrid data storage platform show that the proposed method can achieve a private key update time of less than 5 milliseconds.When the number of blockchain nodes is less than 25,the blockchain construction takes no more than 80 mins,and the data throughput is close to 300 kbps.Compared with the traditional chain-topology-based consensus methods that do not consider node trust,the proposed method has higher efficiency in data storage and better resistance to network attacks.
文摘The problem of information comparison is always an important field of SMC.In order to effectively solve the fully equal problem of multi-data for all information,a secure two-party multi-data comparison protocol for equality(STMC)is proposed with the aid of the NTRU encryption.The protocol converts multi-data comparison problem for equality to polynomials comparison for equality.Analysis shows that the protocol is correct and security in semi-honest model.Being STMC as basic building block,a secure multi-party multi-data comparison protocol for equality(SMMC)is proposed.SMMC provides a solution which n participants hope to determine the equality of their private input sets,on the condition of no information leaked.This protocol is proved to be collusion-resistance security.The last,computational complexity and communication complexity of the two protocols are analyzed.It is shown that new protocols have low complexity.We also give applications in the secure multi-party information comparison problem and secure multi-party polynomial comparison problem.
基金Supported by the Young Scientists Program of CUEB(No.2014XJQ016,00791462722337)National Natural Science Foundation of China(No.61302087)+1 种基金Young Scientific Research Starting Foundation of CUEBImprove Scientific Research Foundation of Beijing Education
文摘Efficiency and scalability are still the bottleneck for secure multi-party computation geometry (SMCG). In this work a secure planar convex hull (SPCH) protocol for large-scaled point sets in semi-honest model has been proposed efficiently to solve the above problems. Firstly, a novel priva- cy-preserving point-inclusion (PPPI) protocol is designed based on the classic homomorphic encryp- tion and secure cross product protocol, and it is demonstrated that the complexity of PPPI protocol is independent of the vertex size of the input convex hull. And then on the basis of the novel PPPI pro- tocol, an effective SPCH protocol is presented. Analysis shows that this SPCH protocol has a good performance for large-scaled point sets compared with previous solutions. Moreover, analysis finds that the complexity of our SPCH protocol relies on the size of the points on the outermost layer of the input point sets only.
文摘With the rapid development of the Internet of Things (IoT), non-Orthogonal Multiple Access (NOMA) technology and cognitive wireless network are two promising technologies to improve the spectral efficiency of the system, which have been widely concerned in the field of wireless communication. However, due to the importance of ownership and privacy protection, the IoT system must provide corresponding security mechanisms. From the perspective of improving the transmission security of CR-NOMA system based on cognitive wireless network, and considering the shortcomings of traditional relay cooperative NOMA system, this paper mainly analyzes the eavesdropping channel model of multi-user CR-NOMA system and derives the expressions of system security and rate to improve the security performance of CR-NOMA system. The basic idea of DC planning algorithm and the scheme of sub-carrier power allocation to improve the transmission security of the system were introduced. An algorithm for DC-CR-NOMA was proposed to maximize the SSR of the system and minimize the energy loss. The simulation results show that under the same complexity, the security and speed of the system can be greatly improved compared with the traditional scheme.
文摘为解决日趋严重的工业控制系统(industrial control system,ICS)信息安全问题,提出一种针对工业控制网络的非参数累积和(cumulative sum,CUSUM)入侵检测方法.利用ICS输入决定输出的特性,建立ICS的数学模型预测系统的输出,一旦控制系统的传感器遭受攻击,实际输出信号将发生改变.在每个时刻,计算工业控制模型的预测输出与传感器测量信号的差值,形成基于时间的统计序列,采用非参数CUSUM算法,实现在线检测入侵并报警.仿真检测实验证明,该方法具有良好的实时性和低误报率.选择适当的非参数CUSUM算法参数τ和β,该入侵检测方法不但能在攻击对控制系统造成实质伤害前检测出攻击,还对监测ICS中的误操作有一定帮助.
基金supported by Inner Mongolia Natural Science Foundation(2021MS06006)2023 Inner Mongolia Young Science and Technology Talents Support Project(NJYT23106)+10 种基金2022 Basic Scientific Research Project of Direct Universities of Inner Mongolia(2022-101)2022 Fund Project of Central Government Guiding Local Science and Technology Development(2022ZY0024)2022 Chinese Academy of Sciences“Western Light”Talent Training Program“Western Young Scholars”Project(22040601)Open Foundation of State key Laboratory of Networking and Switching Technology(Beijing University of Posts and Telecommunications)(SKLNST-2023-1-08)Inner Mongolia Discipline Inspection and Supervision Big Data Laboratory Open Project Fund(IMDBD202020)Baotou Kundulun District Science and Technology Plan Project(YF2020013)the 14th Five Year Plan of Education and Science of Inner Mongolia(NGJGH2021167)Inner Mongolia Science and Technology Major Project(2019ZD025)2022 Inner Mongolia Postgraduate Education and Teaching Reform Project(JGSZ2022037)Inner Mongolia Postgraduate Scientific Research Innovation Project(S20231164Z)Research and Application Project of Big Data Privacy Security Computing System(2023)。
文摘In recent years,with the development of blockchain,electronic bidding auction has received more and more attention.Aiming at the possible problems of privacy leakage in the current electronic bidding and auction,this paper proposes an electronic bidding auction system based on blockchain against malicious adversaries,which uses the secure multi-party computation to realize secure bidding auction protocol without any trusted third party.The protocol proposed in this paper is an electronic bidding auction scheme based on the threshold elliptic curve cryptography.It can be implemented without any third party to complete the bidding auction for some malicious behaviors of the participants,which can solve the problem of resisting malicious adversary attacks.The security of the protocol is proved by the real/ideal model paradigm,and the efficiency of the protocol is analyzed.The efficiency of the protocol is verified by simulating experiments,and the protocol has practical value.
基金supported by the National Key R&D Program of China(2022YFB3102100)Shenzhen Fundamental Research Program(JCYJ20220818102414030)+2 种基金the Major Key Project of PCL(PCL2022A03)Shenzhen Science and Technology Program(ZDSYS20210623091809029)Guangdong Provincial Key Laboratory of Novel Security Intelligence Technologies(2022B1212010005).
文摘To solve the data island problem,federated learning(FL)provides a solution paradigm where each client sends the model parameters but not the data to a server for model aggregation.Peer-to-peer(P2P)federated learning further improves the robustness of the system,in which there is no server and each client communicates directly with the other.For secure aggregation,secure multi-party computing(SMPC)protocols have been utilized in peer-to-peer manner.However,the ideal SMPC protocols could fail when some clients drop out.In this paper,we propose a robust peer-to-peer learning(RP2PL)algorithm via SMPC to resist clients dropping out.We improve the segmentbased SMPC protocol by adding a check and designing the generation method of random segments.In RP2PL,each client aggregates their models by the improved robust secure multi-part computation protocol when finishes the local training.Experimental results demonstrate that the RP2PL paradigm can mitigate clients dropping out with no significant degradation in performance.
文摘To protect the systems exposed to the Internet against attacks, a security system with the capability to engage with the attacker is needed. There have been attempts to model the engagement/interactions between users, both benign and malicious, and network administrators as games. Building on such works, we present a game model which is generic enough to capture various modes of such interactions. The model facilitates stochastic games with imperfect information. The information is imperfect due to erroneous sensors leading to incorrect perception of the current state by the players. To model this error in perception distributed over other multiple states, we use Euclidean distances between the outputs of the sensors. We build a 5-state game to represent the interaction of the administrator with the user. The states correspond to 1) the user being out of the system in the Internet, and after logging in to the system;2) having low privileges;3) having high privileges;4) when he successfully attacks and 5) gets trapped in a honeypot by the administrator. Each state has its own action set. We present the game with a distinct perceived action set corresponding to each distinct information set of these states. The model facilitates stochastic games with imperfect information. The imperfect information is due to erroneous sensors leading to incorrect perception of the current state by the players. To model this error in perception distributed over the states, we use Euclidean distances between outputs of the sensors. A numerical simulation of an example game is presented to show the evaluation of rewards to the players and the preferred strategies. We also present the conditions for formulating the strategies when dealing with more than one attacker and making collaborations.
基金Supported by the National Natural Science Foundation of China under Grant Nos.61501247,61373131 and 61702277,the Six Talent Peaks Project of Jiangsu Province(Grant No.2015-XXRJ-013)Natural Science Foundation of Jiangsu Province(Grant No.BK20171458)+3 种基金the Natural Science Foundation of the Higher Education Institutions of Jiangsu Province(China under Grant No.16KJB520030)the NUIST Research Foundation for Talented Scholars under Grant Nos.2015r014,PAPD and CICAEET fundsfunded in part by the Science and Technology Development Fund,Macao SAR(File No.SKL-IOTSC-2018-2020,0018/2019/AKP,0008/2019/AGJ,and FDCT/194/2017/A3)in part by the University of Macao under Grant Nos.MYRG2018-00248-FST and MYRG2019-0137-FST.
文摘Security and privacy issues have attracted the attention of researchers in the field of IoT as the information processing scale grows in sensor networks.Quantum computing,theoretically known as an absolutely secure way to store and transmit information as well as a speed-up way to accelerate local or distributed classical algorithms that are hard to solve with polynomial complexity in computation or communication.In this paper,we focus on the phase estimation method that is crucial to the realization of a general multi-party computing model,which is able to be accelerated by quantum algorithms.A novel multi-party phase estimation algorithm and the related quantum circuit are proposed by using a distributed Oracle operator with iterations.The proved theoretical communication complexity of this algorithm shows it can give the phase estimation before applying multi-party computing efficiently without increasing any additional complexity.Moreover,a practical problem of multi-party dating investigated shows it can make a successful estimation of the number of solution in advance with zero communication complexity by utilizing its special statistic feature.Sufficient simulations present the correctness,validity and efficiency of the proposed estimation method.
基金Supported by the National Natural Science Foundation of China(No.61101223)
文摘To keep the secrecy performance from being badly influenced by untrusted relay(UR), a multi-UR network through amplify-and-forward(AF) cooperative scheme is put forward, which takes relay weight and harmful factor into account. A nonzero-sum game is established to capture the interaction among URs and detection strategies. Secrecy capacity is investigated as game payoff to indicate the untrusted behaviors of the relays. The maximum probabilities of the behaviors of relay and the optimal system detection strategy can be obtained by using the proposed algorithm.
文摘In software-defined networking(SDN),controllers are sinks of information such as network topology collected from switches.Organizations often like to protect their internal network topology and keep their network policies private.We borrow techniques from secure multi-party computation(SMC)to preserve the privacy of policies of SDN controllers about status of routers.On the other hand,the number of controllers is one of the most important concerns in scalability of SMC application in SDNs.To address this issue,we formulate an optimization problem to minimize the number of SDN controllers while considering their reliability in SMC operations.We use Non-Dominated Sorting Genetic Algorithm II(NSGA-II)to determine the optimal number of controllers,and simulate SMC for typical SDNs with this number of controllers.Simulation results show that applying the SMC technique to preserve the privacy of organization policies causes only a little delay in SDNs,which is completely justifiable by the privacy obtained.
