In order to address the problems of the single encryption algorithm,such as low encryption efficiency and unreliable metadata for static data storage of big data platforms in the cloud computing environment,we propose...In order to address the problems of the single encryption algorithm,such as low encryption efficiency and unreliable metadata for static data storage of big data platforms in the cloud computing environment,we propose a Hadoop based big data secure storage scheme.Firstly,in order to disperse the NameNode service from a single server to multiple servers,we combine HDFS federation and HDFS high-availability mechanisms,and use the Zookeeper distributed coordination mechanism to coordinate each node to achieve dual-channel storage.Then,we improve the ECC encryption algorithm for the encryption of ordinary data,and adopt a homomorphic encryption algorithm to encrypt data that needs to be calculated.To accelerate the encryption,we adopt the dualthread encryption mode.Finally,the HDFS control module is designed to combine the encryption algorithm with the storage model.Experimental results show that the proposed solution solves the problem of a single point of failure of metadata,performs well in terms of metadata reliability,and can realize the fault tolerance of the server.The improved encryption algorithm integrates the dual-channel storage mode,and the encryption storage efficiency improves by 27.6% on average.展开更多
Border Gateway Protocol(BGP)is a standard inter-domain routing protocol for the Internet that conveys network layer reachability information and establishes routes to different destinations.The BGP protocol exhibits s...Border Gateway Protocol(BGP)is a standard inter-domain routing protocol for the Internet that conveys network layer reachability information and establishes routes to different destinations.The BGP protocol exhibits security design defects,such as an unconditional trust mechanism and the default acceptance of BGP route announcements from peers by BGP neighboring nodes,easily triggering prefix hijacking,path forgery,route leakage,and other BGP security threats.Meanwhile,the traditional BGP security mechanism,relying on a public key infrastructure,faces issues like a single point of failure and a single point of trust.The decentralization,anti-tampering,and traceability advantages of blockchain offer new solution ideas for constructing secure and trusted inter-domain routing mechanisms.In this paper,we summarize the characteristics of BGP protocol in detail,sort out the BGP security threats and their causes.Additionally,we analyze the shortcomings of the traditional BGP security mechanism and comprehensively evaluate existing blockchain-based solutions to address the above problems and validate the reliability and effectiveness of blockchain-based BGP security methods in mitigating BGP security threats.Finally,we discuss the challenges posed by BGP security problems and outline prospects for future research.展开更多
Global food security is a pressing issue that affects the stability and well-being of communities worldwide.While existing Internet of Things(IoT)enabled plant monitoring systems have made significant strides in agric...Global food security is a pressing issue that affects the stability and well-being of communities worldwide.While existing Internet of Things(IoT)enabled plant monitoring systems have made significant strides in agricultural monitoring,they often face limitations such as high power consumption,restricted mobility,complex deployment requirements,and inadequate security measures for data access.This paper introduces an enhanced IoT application for agricultural monitoring systems that address these critical shortcomings.Our system strategically combines power efficiency,portability,and secure access capabilities,assisting farmers in monitoring and tracking crop environmental conditions.The proposed system includes a remote camera that captures images of surrounding plants and a sensor module that regularly monitors various environmental factors,including temperature,humidity,and soil moisture.We implement power management strategies to minimize energy consumption compared to existing solutions.Unlike conventional systems,our implementation utilizes the Amazon Web Services(AWS)cloud platform for reliable data storage and processing while incorporating comprehensive security measures,including Two-Factor Authentication(2FA)and JSON Web Tokens(JWT),features often overlooked in current agricultural IoT solutions.Users can access this secure monitoring system via a developed Android application,providing convenient mobile access to the gathered plant data.We validate our system’s advantages by implementing it with two potted garlic plants on Okayama University’s rooftop.Our evaluation demonstrates high sensor reliabil-ity,with strong correlations between sensor readings and reference data,achieving determination coefficients(R2)of 0.979 for temperature and 0.750 for humidity measurements.The implemented power management strategies extend battery life to 10 days on a single charge,significantly outperforming existing systems that typically require daily recharging.Furthermore,our dual-layer security implementation utilizing 2FA and JWT successfully protects sensitive agricultural data from unauthorized access.展开更多
Dear Editor,This letter is concerned with the secure tracking control problem in the unmanned aerial vehicle(UAV) system by fixed-time convergent reinforcement learning(RL). By virtue of the zero-sum game,the false da...Dear Editor,This letter is concerned with the secure tracking control problem in the unmanned aerial vehicle(UAV) system by fixed-time convergent reinforcement learning(RL). By virtue of the zero-sum game,the false data injection(FDI) attacker and secure controller are viewed as game players.展开更多
Secure and efficient outsourced computation in cloud computing environments is crucial for ensuring data confidentiality, integrity, and resource optimization. In this research, we propose novel algorithms and methodo...Secure and efficient outsourced computation in cloud computing environments is crucial for ensuring data confidentiality, integrity, and resource optimization. In this research, we propose novel algorithms and methodologies to address these challenges. Through a series of experiments, we evaluate the performance, security, and efficiency of the proposed algorithms in real-world cloud environments. Our results demonstrate the effectiveness of homomorphic encryption-based secure computation, secure multiparty computation, and trusted execution environment-based approaches in mitigating security threats while ensuring efficient resource utilization. Specifically, our homomorphic encryption-based algorithm exhibits encryption times ranging from 20 to 1000 milliseconds and decryption times ranging from 25 to 1250 milliseconds for payload sizes varying from 100 KB to 5000 KB. Furthermore, our comparative analysis against state-of-the-art solutions reveals the strengths of our proposed algorithms in terms of security guarantees, encryption overhead, and communication latency.展开更多
In an era characterized by digital pervasiveness and rapidly expanding datasets,ensuring the integrity and reliability of information is paramount.As cyber threats evolve in complexity,traditional cryptographic method...In an era characterized by digital pervasiveness and rapidly expanding datasets,ensuring the integrity and reliability of information is paramount.As cyber threats evolve in complexity,traditional cryptographic methods face increasingly sophisticated challenges.This article initiates an exploration into these challenges,focusing on key exchanges(encompassing their variety and subtleties),scalability,and the time metrics associated with various cryptographic processes.We propose a novel cryptographic approach underpinned by theoretical frameworks and practical engineering.Central to this approach is a thorough analysis of the interplay between Confidentiality and Integrity,foundational pillars of information security.Our method employs a phased strategy,beginning with a detailed examination of traditional cryptographic processes,including Elliptic Curve Diffie-Hellman(ECDH)key exchanges.We also delve into encrypt/decrypt paradigms,signature generation modes,and the hashes used for Message Authentication Codes(MACs).Each process is rigorously evaluated for performance and reliability.To gain a comprehensive understanding,a meticulously designed simulation was conducted,revealing the strengths and potential improvement areas of various techniques.Notably,our cryptographic protocol achieved a confidentiality metric of 9.13 in comprehensive simulation runs,marking a significant advancement over existing methods.Furthermore,with integrity metrics at 9.35,the protocol’s resilience is further affirmed.These metrics,derived from stringent testing,underscore the protocol’s efficacy in enhancing data security.展开更多
Explainable Artificial Intelligence(XAI)has an advanced feature to enhance the decision-making feature and improve the rule-based technique by using more advanced Machine Learning(ML)and Deep Learning(DL)based algorit...Explainable Artificial Intelligence(XAI)has an advanced feature to enhance the decision-making feature and improve the rule-based technique by using more advanced Machine Learning(ML)and Deep Learning(DL)based algorithms.In this paper,we chose e-healthcare systems for efficient decision-making and data classification,especially in data security,data handling,diagnostics,laboratories,and decision-making.Federated Machine Learning(FML)is a new and advanced technology that helps to maintain privacy for Personal Health Records(PHR)and handle a large amount of medical data effectively.In this context,XAI,along with FML,increases efficiency and improves the security of e-healthcare systems.The experiments show efficient system performance by implementing a federated averaging algorithm on an open-source Federated Learning(FL)platform.The experimental evaluation demonstrates the accuracy rate by taking epochs size 5,batch size 16,and the number of clients 5,which shows a higher accuracy rate(19,104).We conclude the paper by discussing the existing gaps and future work in an e-healthcare system.展开更多
GitHub Actions, a popular CI/CD platform, introduces significant security challenges due to its integration with GitHub’s open ecosystem and its use of flexible workflow configurations. This paper presents Sher, a Py...GitHub Actions, a popular CI/CD platform, introduces significant security challenges due to its integration with GitHub’s open ecosystem and its use of flexible workflow configurations. This paper presents Sher, a Python-based tool that enhances the security of GitHub Actions by automating the detection and remediation of security issues in workflows. Self-Hosted Ephemeral Runner, or Sher, acts as a broker between GitHub’s APIs and a customizable, isolated environment, analyzing workflows through a static rules engine and automatically fixing identified issues. By providing a secure, ephemeral runner environment and a dynamic analysis tool, Sher addresses common misconfigurations and vulnerabilities, contributing to the resilience and integrity of DevSecOps practices within software development pipelines.展开更多
The automatic collection of power grid situation information, along with real-time multimedia interaction between the front and back ends during the accident handling process, has generated a massive amount of power g...The automatic collection of power grid situation information, along with real-time multimedia interaction between the front and back ends during the accident handling process, has generated a massive amount of power grid data. While wireless communication offers a convenient channel for grid terminal access and data transmission, it is important to note that the bandwidth of wireless communication is limited. Additionally, the broadcast nature of wireless transmission raises concerns about the potential for unauthorized eavesdropping during data transmission. To address these challenges and achieve reliable, secure, and real-time transmission of power grid data, an intelligent security transmission strategy with sensor-transmission-computing linkage is proposed in this paper. The primary objective of this strategy is to maximize the confidentiality capacity of the system. To tackle this, an optimization problem is formulated, taking into consideration interruption probability and interception probability as constraints. To efficiently solve this optimization problem, a low-complexity algorithm rooted in deep reinforcement learning is designed, which aims to derive a suboptimal solution for the problem at hand. Ultimately, through simulation results, the validity of the proposed strategy in guaranteed communication security, stability, and timeliness is substantiated. The results confirm that the proposed intelligent security transmission strategy significantly contributes to the safeguarding of communication integrity, system stability, and timely data delivery.展开更多
Cascade index modulation(CIM) is a recently proposed improvement of orthogonal frequency division multiplexing with index modulation(OFDM-IM) and achieves better error performance.In CIM, at least two different IM ope...Cascade index modulation(CIM) is a recently proposed improvement of orthogonal frequency division multiplexing with index modulation(OFDM-IM) and achieves better error performance.In CIM, at least two different IM operations construct a super IM operation or achieve new functionality. First, we propose a OFDM with generalized CIM(OFDM-GCIM) scheme to achieve a joint IM of subcarrier selection and multiple-mode(MM)permutations by using a multilevel digital algorithm.Then, two schemes, called double CIM(D-CIM) and multiple-layer CIM(M-CIM), are proposed for secure communication, which combine new IM operation for disrupting the original order of bits and symbols with conventional OFDM-IM, to protect the legitimate users from eavesdropping in the wireless communications. A subcarrier-wise maximum likelihood(ML) detector and a low complexity log-likelihood ratio(LLR) detector are proposed for the legitimate users. A tight upper bound on the bit error rate(BER) of the proposed OFDM-GCIM, D-CIM and MCIM at the legitimate users are derived in closed form by employing the ML criteria detection. Computer simulations and numerical results show that the proposed OFDM-GCIM achieves superior error performance than OFDM-IM, and the error performance at the eavesdroppers demonstrates the security of D-CIM and M-CIM.展开更多
The working of a Mobile Ad hoc NETwork(MANET)relies on the supportive cooperation among the network nodes.But due to its intrinsic features,a misbehaving node can easily lead to a routing disorder.This paper presents ...The working of a Mobile Ad hoc NETwork(MANET)relies on the supportive cooperation among the network nodes.But due to its intrinsic features,a misbehaving node can easily lead to a routing disorder.This paper presents two trust-based routing schemes,namely Trust-based Self-Detection Routing(TSDR)and Trust-based Cooperative Routing(TCOR)designed with an Ad hoc On-demand Distance Vector(AODV)protocol.The proposed work covers a wide range of security challenges,including malicious node identification and prevention,accurate trust quantification,secure trust data sharing,and trusted route maintenance.This brings a prominent solution for mitigating misbehaving nodes and establishing efficient communication in MANET.It is empirically validated based on a performance comparison with the current Evolutionary Self-Cooperative Trust(ESCT)scheme,Generalized Trust Model(GTM),and the conventional AODV protocol.The extensive simulations are conducted against three different varying network scenarios.The results affirm the improved values of eight popular performance metrics overcoming the existing routing schemes.Among the two proposed works,TCOR is more suitable for highly scalable networks;TSDR suits,however,the MANET application better with its small size.This work thus makes a significant contribution to the research community,in contrast to many previous works focusing solely on specific security aspects,and results in a trade-off in the expected values of evaluation parameters and asserts their efficiency.展开更多
This work employs intelligent reflecting surface(IRS)to enhance secure and covert communication performance.We formulate an optimization problem to jointly design both the reflection beamformer at IRS and transmit pow...This work employs intelligent reflecting surface(IRS)to enhance secure and covert communication performance.We formulate an optimization problem to jointly design both the reflection beamformer at IRS and transmit power at transmitter Alice in order to optimize the achievable secrecy rate at Bob subject to a covertness constraint.We first develop a Dinkelbach-based algorithm to achieve an upper bound performance and a high-quality solution.For reducing the overhead and computational complexity of the Dinkelbach-based scheme,we further conceive a low-complexity algorithm in which analytical expression for the IRS reflection beamforming is derived at each iteration.Examination result shows that the devised low-complexity algorithm is able to achieve similar secrecy rate performance as the Dinkelbach-based algorithm.Our examination also shows that introducing an IRS into the considered system can significantly improve the secure and covert communication performance relative to the scheme without IRS.展开更多
This paper was motivated by the existing problems of Cloud Data storage in Imo State University, Nigeria such as outsourced data causing the loss of data and misuse of customer information by unauthorized users or hac...This paper was motivated by the existing problems of Cloud Data storage in Imo State University, Nigeria such as outsourced data causing the loss of data and misuse of customer information by unauthorized users or hackers, thereby making customer/client data visible and unprotected. Also, this led to enormous risk of the clients/customers due to defective equipment, bugs, faulty servers, and specious actions. The aim if this paper therefore is to analyze a secure model using Unicode Transformation Format (UTF) base 64 algorithms for storage of data in cloud securely. The methodology used was Object Orientated Hypermedia Analysis and Design Methodology (OOHADM) was adopted. Python was used to develop the security model;the role-based access control (RBAC) and multi-factor authentication (MFA) to enhance security Algorithm were integrated into the Information System developed with HTML 5, JavaScript, Cascading Style Sheet (CSS) version 3 and PHP7. This paper also discussed some of the following concepts;Development of Computing in Cloud, Characteristics of computing, Cloud deployment Model, Cloud Service Models, etc. The results showed that the proposed enhanced security model for information systems of cooperate platform handled multiple authorization and authentication menace, that only one login page will direct all login requests of the different modules to one Single Sign On Server (SSOS). This will in turn redirect users to their requested resources/module when authenticated, leveraging on the Geo-location integration for physical location validation. The emergence of this newly developed system will solve the shortcomings of the existing systems and reduce time and resources incurred while using the existing system.展开更多
This paper presents a comprehensive exploration into the integration of Internet of Things(IoT),big data analysis,cloud computing,and Artificial Intelligence(AI),which has led to an unprecedented era of connectivity.W...This paper presents a comprehensive exploration into the integration of Internet of Things(IoT),big data analysis,cloud computing,and Artificial Intelligence(AI),which has led to an unprecedented era of connectivity.We delve into the emerging trend of machine learning on embedded devices,enabling tasks in resource-limited environ-ments.However,the widespread adoption of machine learning raises significant privacy concerns,necessitating the development of privacy-preserving techniques.One such technique,secure multi-party computation(MPC),allows collaborative computations without exposing private inputs.Despite its potential,complex protocols and communication interactions hinder performance,especially on resource-constrained devices.Efforts to enhance efficiency have been made,but scalability remains a challenge.Given the success of GPUs in deep learning,lever-aging embedded GPUs,such as those offered by NVIDIA,emerges as a promising solution.Therefore,we propose an Embedded GPU-based Secure Two-party Computation(EG-STC)framework for Artificial Intelligence(AI)systems.To the best of our knowledge,this work represents the first endeavor to fully implement machine learning model training based on secure two-party computing on the Embedded GPU platform.Our experimental results demonstrate the effectiveness of EG-STC.On an embedded GPU with a power draw of 5 W,our implementation achieved a secure two-party matrix multiplication throughput of 5881.5 kilo-operations per millisecond(kops/ms),with an energy efficiency ratio of 1176.3 kops/ms/W.Furthermore,leveraging our EG-STC framework,we achieved an overall time acceleration ratio of 5–6 times compared to solutions running on server-grade CPUs.Our solution also exhibited a reduced runtime,requiring only 60%to 70%of the runtime of previously best-known methods on the same platform.In summary,our research contributes to the advancement of secure and efficient machine learning implementations on resource-constrained embedded devices,paving the way for broader adoption of AI technologies in various applications.展开更多
This work aims to examine the vulnerabilities and threats in the applications of intelligent transport systems,especially collision avoidance protocols.It focuses on achieving the availability of network communication...This work aims to examine the vulnerabilities and threats in the applications of intelligent transport systems,especially collision avoidance protocols.It focuses on achieving the availability of network communication among traveling vehicles.Finally,it aims to find a secure solution to prevent blackhole attacks on vehicular network communications.The proposed solution relies on authenticating vehicles by joining a blockchain network.This technology provides identification information and receives cryptography keys.Moreover,the ad hoc on-demand distance vector(AODV)protocol is used for route discovery and ensuring reliable node communication.The system activates an adaptive mode for monitoring communications and continually adjusts trust scores based on packet delivery performance.From the experimental study,we can infer that the proposed protocol has successfully detected and prevented blackhole attacks for different numbers of simulated vehicles and at different traveling speeds.This reduces accident rates by 60%and increases the packet delivery ratio and the throughput of the connecting network by 40%and 20%,respectively.However,extra overheads in delay and memory are required to create and initialize the blockchain network.展开更多
In order to improve the Physical Layer Security(PLS)perspective,this paper aims to empower function of PLS by considering a backhaul Non-Orthogonal Multiple Access(NOMA)system in two practical situations.In the propos...In order to improve the Physical Layer Security(PLS)perspective,this paper aims to empower function of PLS by considering a backhaul Non-Orthogonal Multiple Access(NOMA)system in two practical situations.In the proposed schemes,the untrusted user intercepts information transmitted to the far user,or the external eavesdropper overhears confidential information sent to the far user in the context of NOMA technique.Unlike the conventional NOMA systems,this paper emphasizes the actual situations of the existence of actual illegal users and legitimate users,especially the reasonable use of relay selection architecture to improve the confidentiality performance.To evaluate the security properties of the proposed scheme,a comprehensive analysis of the Security Outage Probability(SOP)performance is first performed,and then the corresponding SOP asymptotic expressions are derived for real scenarios related to eavesdroppers and untrusted users.Numerical results are performed to verify the analysis in terms of the secure performance metric.展开更多
Prompt radiation emitted during accelerator operation poses a significant health risk,necessitating a thorough search and securing of hazardous areas prior to initiation.Currently,manual sweep methods are employed.How...Prompt radiation emitted during accelerator operation poses a significant health risk,necessitating a thorough search and securing of hazardous areas prior to initiation.Currently,manual sweep methods are employed.However,the limitations of manual sweeps have become increasingly evident with the implementation of large-scale accelerators.By leveraging advancements in machine vision technology,the automatic identification of stranded personnel in controlled areas through camera imagery presents a viable solution for efficient search and security.Given the criticality of personal safety for stranded individuals,search and security processes must be sufficiently reliable.To ensure comprehensive coverage,180°camera groups were strategically positioned on both sides of the accelerator tunnel to eliminate blind spots within the monitoring range.The YOLOV8 network model was modified to enable the detection of small targets,such as hands and feet,as well as larger targets formed by individuals near the cameras.Furthermore,the system incorporates a pedestrian recognition model that detects human body parts,and an information fusion strategy is used to integrate the detected head,hands,and feet with the identified pedestrians as a cohesive unit.This strategy enhanced the capability of the model to identify pedestrians obstructed by equipment,resulting in a notable improvement in the recall rate.Specifically,recall rates of 0.915 and 0.82were obtained for Datasets 1 and 2,respectively.Although there was a slight decrease in accuracy,it aligned with the intended purpose of the search-and-secure software design.Experimental tests conducted within an accelerator tunnel demonstrated the effectiveness of this approach in achieving reliable recognition outcomes.展开更多
With the recent technological developments,massive vehicular ad hoc networks(VANETs)have been established,enabling numerous vehicles and their respective Road Side Unit(RSU)components to communicate with oneanother.Th...With the recent technological developments,massive vehicular ad hoc networks(VANETs)have been established,enabling numerous vehicles and their respective Road Side Unit(RSU)components to communicate with oneanother.The best way to enhance traffic flow for vehicles and traffic management departments is to share thedata they receive.There needs to be more protection for the VANET systems.An effective and safe methodof outsourcing is suggested,which reduces computation costs by achieving data security using a homomorphicmapping based on the conjugate operation of matrices.This research proposes a VANET-based data outsourcingsystem to fix the issues.To keep data outsourcing secure,the suggested model takes cryptography models intoaccount.Fog will keep the generated keys for the purpose of vehicle authentication.For controlling and overseeingthe outsourced data while preserving privacy,the suggested approach considers the Trusted Certified Auditor(TCA).Using the secret key,TCA can identify the genuine identity of VANETs when harmful messages aredetected.The proposed model develops a TCA-based unique static vehicle labeling system using cryptography(TCA-USVLC)for secure data outsourcing and privacy preservation in VANETs.The proposed model calculatesthe trust of vehicles in 16 ms for an average of 180 vehicles and achieves 98.6%accuracy for data encryption toprovide security.The proposedmodel achieved 98.5%accuracy in data outsourcing and 98.6%accuracy in privacypreservation in fog-enabled VANETs.Elliptical curve cryptography models can be applied in the future for betterencryption and decryption rates with lightweight cryptography operations.展开更多
With the continuous expansion of the Industrial Internet of Things(IIoT),more andmore organisations are placing large amounts of data in the cloud to reduce overheads.However,the channel between cloud servers and smar...With the continuous expansion of the Industrial Internet of Things(IIoT),more andmore organisations are placing large amounts of data in the cloud to reduce overheads.However,the channel between cloud servers and smart equipment is not trustworthy,so the issue of data authenticity needs to be addressed.The SM2 digital signature algorithm can provide an authentication mechanism for data to solve such problems.Unfortunately,it still suffers from the problem of key exposure.In order to address this concern,this study first introduces a key-insulated scheme,SM2-KI-SIGN,based on the SM2 algorithm.This scheme boasts strong key insulation and secure keyupdates.Our scheme uses the elliptic curve algorithm,which is not only more efficient but also more suitable for IIoT-cloud environments.Finally,the security proof of SM2-KI-SIGN is given under the Elliptic Curve Discrete Logarithm(ECDL)assumption in the random oracle.展开更多
In this article,the secure computation efficiency(SCE)problem is studied in a massive multipleinput multiple-output(mMIMO)-assisted mobile edge computing(MEC)network.We first derive the secure transmission rate based ...In this article,the secure computation efficiency(SCE)problem is studied in a massive multipleinput multiple-output(mMIMO)-assisted mobile edge computing(MEC)network.We first derive the secure transmission rate based on the mMIMO under imperfect channel state information.Based on this,the SCE maximization problem is formulated by jointly optimizing the local computation frequency,the offloading time,the downloading time,the users and the base station transmit power.Due to its difficulty to directly solve the formulated problem,we first transform the fractional objective function into the subtractive form one via the dinkelbach method.Next,the original problem is transformed into a convex one by applying the successive convex approximation technique,and an iteration algorithm is proposed to obtain the solutions.Finally,the stimulations are conducted to show that the performance of the proposed schemes is superior to that of the other schemes.展开更多
文摘In order to address the problems of the single encryption algorithm,such as low encryption efficiency and unreliable metadata for static data storage of big data platforms in the cloud computing environment,we propose a Hadoop based big data secure storage scheme.Firstly,in order to disperse the NameNode service from a single server to multiple servers,we combine HDFS federation and HDFS high-availability mechanisms,and use the Zookeeper distributed coordination mechanism to coordinate each node to achieve dual-channel storage.Then,we improve the ECC encryption algorithm for the encryption of ordinary data,and adopt a homomorphic encryption algorithm to encrypt data that needs to be calculated.To accelerate the encryption,we adopt the dualthread encryption mode.Finally,the HDFS control module is designed to combine the encryption algorithm with the storage model.Experimental results show that the proposed solution solves the problem of a single point of failure of metadata,performs well in terms of metadata reliability,and can realize the fault tolerance of the server.The improved encryption algorithm integrates the dual-channel storage mode,and the encryption storage efficiency improves by 27.6% on average.
基金the National Natural Science Foundation of China,GrantNumbers(62272007,62001007)the Natural Science Foundation of Beijing,GrantNumbers(4234083,4212018)The authors also acknowledge the support from King Khalid University for funding this research through the Large Group Project under Grant Number RGP.2/373/45.
文摘Border Gateway Protocol(BGP)is a standard inter-domain routing protocol for the Internet that conveys network layer reachability information and establishes routes to different destinations.The BGP protocol exhibits security design defects,such as an unconditional trust mechanism and the default acceptance of BGP route announcements from peers by BGP neighboring nodes,easily triggering prefix hijacking,path forgery,route leakage,and other BGP security threats.Meanwhile,the traditional BGP security mechanism,relying on a public key infrastructure,faces issues like a single point of failure and a single point of trust.The decentralization,anti-tampering,and traceability advantages of blockchain offer new solution ideas for constructing secure and trusted inter-domain routing mechanisms.In this paper,we summarize the characteristics of BGP protocol in detail,sort out the BGP security threats and their causes.Additionally,we analyze the shortcomings of the traditional BGP security mechanism and comprehensively evaluate existing blockchain-based solutions to address the above problems and validate the reliability and effectiveness of blockchain-based BGP security methods in mitigating BGP security threats.Finally,we discuss the challenges posed by BGP security problems and outline prospects for future research.
基金supported by the budget of GIC project at Okayama University.
文摘Global food security is a pressing issue that affects the stability and well-being of communities worldwide.While existing Internet of Things(IoT)enabled plant monitoring systems have made significant strides in agricultural monitoring,they often face limitations such as high power consumption,restricted mobility,complex deployment requirements,and inadequate security measures for data access.This paper introduces an enhanced IoT application for agricultural monitoring systems that address these critical shortcomings.Our system strategically combines power efficiency,portability,and secure access capabilities,assisting farmers in monitoring and tracking crop environmental conditions.The proposed system includes a remote camera that captures images of surrounding plants and a sensor module that regularly monitors various environmental factors,including temperature,humidity,and soil moisture.We implement power management strategies to minimize energy consumption compared to existing solutions.Unlike conventional systems,our implementation utilizes the Amazon Web Services(AWS)cloud platform for reliable data storage and processing while incorporating comprehensive security measures,including Two-Factor Authentication(2FA)and JSON Web Tokens(JWT),features often overlooked in current agricultural IoT solutions.Users can access this secure monitoring system via a developed Android application,providing convenient mobile access to the gathered plant data.We validate our system’s advantages by implementing it with two potted garlic plants on Okayama University’s rooftop.Our evaluation demonstrates high sensor reliabil-ity,with strong correlations between sensor readings and reference data,achieving determination coefficients(R2)of 0.979 for temperature and 0.750 for humidity measurements.The implemented power management strategies extend battery life to 10 days on a single charge,significantly outperforming existing systems that typically require daily recharging.Furthermore,our dual-layer security implementation utilizing 2FA and JWT successfully protects sensitive agricultural data from unauthorized access.
基金supported partially by Guangdong Basic and Applied Basic Research Foundation (2023A1515 011220)National Natural Science Foundation of China (62073269)+2 种基金Key Research and Development Program of Shaanxi (2022GY-244)Aeronautical Science Foundation of China (2020Z034053002)Natural Science Foundation of Chongqing,China (CSTB2022NSCQMSX0963)。
文摘Dear Editor,This letter is concerned with the secure tracking control problem in the unmanned aerial vehicle(UAV) system by fixed-time convergent reinforcement learning(RL). By virtue of the zero-sum game,the false data injection(FDI) attacker and secure controller are viewed as game players.
文摘Secure and efficient outsourced computation in cloud computing environments is crucial for ensuring data confidentiality, integrity, and resource optimization. In this research, we propose novel algorithms and methodologies to address these challenges. Through a series of experiments, we evaluate the performance, security, and efficiency of the proposed algorithms in real-world cloud environments. Our results demonstrate the effectiveness of homomorphic encryption-based secure computation, secure multiparty computation, and trusted execution environment-based approaches in mitigating security threats while ensuring efficient resource utilization. Specifically, our homomorphic encryption-based algorithm exhibits encryption times ranging from 20 to 1000 milliseconds and decryption times ranging from 25 to 1250 milliseconds for payload sizes varying from 100 KB to 5000 KB. Furthermore, our comparative analysis against state-of-the-art solutions reveals the strengths of our proposed algorithms in terms of security guarantees, encryption overhead, and communication latency.
文摘In an era characterized by digital pervasiveness and rapidly expanding datasets,ensuring the integrity and reliability of information is paramount.As cyber threats evolve in complexity,traditional cryptographic methods face increasingly sophisticated challenges.This article initiates an exploration into these challenges,focusing on key exchanges(encompassing their variety and subtleties),scalability,and the time metrics associated with various cryptographic processes.We propose a novel cryptographic approach underpinned by theoretical frameworks and practical engineering.Central to this approach is a thorough analysis of the interplay between Confidentiality and Integrity,foundational pillars of information security.Our method employs a phased strategy,beginning with a detailed examination of traditional cryptographic processes,including Elliptic Curve Diffie-Hellman(ECDH)key exchanges.We also delve into encrypt/decrypt paradigms,signature generation modes,and the hashes used for Message Authentication Codes(MACs).Each process is rigorously evaluated for performance and reliability.To gain a comprehensive understanding,a meticulously designed simulation was conducted,revealing the strengths and potential improvement areas of various techniques.Notably,our cryptographic protocol achieved a confidentiality metric of 9.13 in comprehensive simulation runs,marking a significant advancement over existing methods.Furthermore,with integrity metrics at 9.35,the protocol’s resilience is further affirmed.These metrics,derived from stringent testing,underscore the protocol’s efficacy in enhancing data security.
文摘Explainable Artificial Intelligence(XAI)has an advanced feature to enhance the decision-making feature and improve the rule-based technique by using more advanced Machine Learning(ML)and Deep Learning(DL)based algorithms.In this paper,we chose e-healthcare systems for efficient decision-making and data classification,especially in data security,data handling,diagnostics,laboratories,and decision-making.Federated Machine Learning(FML)is a new and advanced technology that helps to maintain privacy for Personal Health Records(PHR)and handle a large amount of medical data effectively.In this context,XAI,along with FML,increases efficiency and improves the security of e-healthcare systems.The experiments show efficient system performance by implementing a federated averaging algorithm on an open-source Federated Learning(FL)platform.The experimental evaluation demonstrates the accuracy rate by taking epochs size 5,batch size 16,and the number of clients 5,which shows a higher accuracy rate(19,104).We conclude the paper by discussing the existing gaps and future work in an e-healthcare system.
文摘GitHub Actions, a popular CI/CD platform, introduces significant security challenges due to its integration with GitHub’s open ecosystem and its use of flexible workflow configurations. This paper presents Sher, a Python-based tool that enhances the security of GitHub Actions by automating the detection and remediation of security issues in workflows. Self-Hosted Ephemeral Runner, or Sher, acts as a broker between GitHub’s APIs and a customizable, isolated environment, analyzing workflows through a static rules engine and automatically fixing identified issues. By providing a secure, ephemeral runner environment and a dynamic analysis tool, Sher addresses common misconfigurations and vulnerabilities, contributing to the resilience and integrity of DevSecOps practices within software development pipelines.
文摘The automatic collection of power grid situation information, along with real-time multimedia interaction between the front and back ends during the accident handling process, has generated a massive amount of power grid data. While wireless communication offers a convenient channel for grid terminal access and data transmission, it is important to note that the bandwidth of wireless communication is limited. Additionally, the broadcast nature of wireless transmission raises concerns about the potential for unauthorized eavesdropping during data transmission. To address these challenges and achieve reliable, secure, and real-time transmission of power grid data, an intelligent security transmission strategy with sensor-transmission-computing linkage is proposed in this paper. The primary objective of this strategy is to maximize the confidentiality capacity of the system. To tackle this, an optimization problem is formulated, taking into consideration interruption probability and interception probability as constraints. To efficiently solve this optimization problem, a low-complexity algorithm rooted in deep reinforcement learning is designed, which aims to derive a suboptimal solution for the problem at hand. Ultimately, through simulation results, the validity of the proposed strategy in guaranteed communication security, stability, and timeliness is substantiated. The results confirm that the proposed intelligent security transmission strategy significantly contributes to the safeguarding of communication integrity, system stability, and timely data delivery.
基金supported by National Natural Science Foundation of China (No. 61971149, 62071504, 62271208)in part by the Special Projects in Key Fields for General Universities of Guangdong Province (No. 2020ZDZX3025, 2021ZDZX056)+1 种基金in part by the Guangdong Basic and Applied Basic Research Foundation (No. 2021A1515011657)in part by the Featured Innovation Projects of Guangdong Province of China (No. 2021KTSCX049)。
文摘Cascade index modulation(CIM) is a recently proposed improvement of orthogonal frequency division multiplexing with index modulation(OFDM-IM) and achieves better error performance.In CIM, at least two different IM operations construct a super IM operation or achieve new functionality. First, we propose a OFDM with generalized CIM(OFDM-GCIM) scheme to achieve a joint IM of subcarrier selection and multiple-mode(MM)permutations by using a multilevel digital algorithm.Then, two schemes, called double CIM(D-CIM) and multiple-layer CIM(M-CIM), are proposed for secure communication, which combine new IM operation for disrupting the original order of bits and symbols with conventional OFDM-IM, to protect the legitimate users from eavesdropping in the wireless communications. A subcarrier-wise maximum likelihood(ML) detector and a low complexity log-likelihood ratio(LLR) detector are proposed for the legitimate users. A tight upper bound on the bit error rate(BER) of the proposed OFDM-GCIM, D-CIM and MCIM at the legitimate users are derived in closed form by employing the ML criteria detection. Computer simulations and numerical results show that the proposed OFDM-GCIM achieves superior error performance than OFDM-IM, and the error performance at the eavesdroppers demonstrates the security of D-CIM and M-CIM.
文摘The working of a Mobile Ad hoc NETwork(MANET)relies on the supportive cooperation among the network nodes.But due to its intrinsic features,a misbehaving node can easily lead to a routing disorder.This paper presents two trust-based routing schemes,namely Trust-based Self-Detection Routing(TSDR)and Trust-based Cooperative Routing(TCOR)designed with an Ad hoc On-demand Distance Vector(AODV)protocol.The proposed work covers a wide range of security challenges,including malicious node identification and prevention,accurate trust quantification,secure trust data sharing,and trusted route maintenance.This brings a prominent solution for mitigating misbehaving nodes and establishing efficient communication in MANET.It is empirically validated based on a performance comparison with the current Evolutionary Self-Cooperative Trust(ESCT)scheme,Generalized Trust Model(GTM),and the conventional AODV protocol.The extensive simulations are conducted against three different varying network scenarios.The results affirm the improved values of eight popular performance metrics overcoming the existing routing schemes.Among the two proposed works,TCOR is more suitable for highly scalable networks;TSDR suits,however,the MANET application better with its small size.This work thus makes a significant contribution to the research community,in contrast to many previous works focusing solely on specific security aspects,and results in a trade-off in the expected values of evaluation parameters and asserts their efficiency.
基金supported in part by National Natural Science Foundation of China under Grant 62371004 and Grant 62301005in part by the University Synergy Innovation Program of Anhui Province under Grant GXXT-2022-055+1 种基金in part by the Natural Science Foundation of Anhui Province under Grant 2308085QF197in part by the Natural Science Research Project of Education Department of Anhui Province of China under Grant 2023AH051031。
文摘This work employs intelligent reflecting surface(IRS)to enhance secure and covert communication performance.We formulate an optimization problem to jointly design both the reflection beamformer at IRS and transmit power at transmitter Alice in order to optimize the achievable secrecy rate at Bob subject to a covertness constraint.We first develop a Dinkelbach-based algorithm to achieve an upper bound performance and a high-quality solution.For reducing the overhead and computational complexity of the Dinkelbach-based scheme,we further conceive a low-complexity algorithm in which analytical expression for the IRS reflection beamforming is derived at each iteration.Examination result shows that the devised low-complexity algorithm is able to achieve similar secrecy rate performance as the Dinkelbach-based algorithm.Our examination also shows that introducing an IRS into the considered system can significantly improve the secure and covert communication performance relative to the scheme without IRS.
文摘This paper was motivated by the existing problems of Cloud Data storage in Imo State University, Nigeria such as outsourced data causing the loss of data and misuse of customer information by unauthorized users or hackers, thereby making customer/client data visible and unprotected. Also, this led to enormous risk of the clients/customers due to defective equipment, bugs, faulty servers, and specious actions. The aim if this paper therefore is to analyze a secure model using Unicode Transformation Format (UTF) base 64 algorithms for storage of data in cloud securely. The methodology used was Object Orientated Hypermedia Analysis and Design Methodology (OOHADM) was adopted. Python was used to develop the security model;the role-based access control (RBAC) and multi-factor authentication (MFA) to enhance security Algorithm were integrated into the Information System developed with HTML 5, JavaScript, Cascading Style Sheet (CSS) version 3 and PHP7. This paper also discussed some of the following concepts;Development of Computing in Cloud, Characteristics of computing, Cloud deployment Model, Cloud Service Models, etc. The results showed that the proposed enhanced security model for information systems of cooperate platform handled multiple authorization and authentication menace, that only one login page will direct all login requests of the different modules to one Single Sign On Server (SSOS). This will in turn redirect users to their requested resources/module when authenticated, leveraging on the Geo-location integration for physical location validation. The emergence of this newly developed system will solve the shortcomings of the existing systems and reduce time and resources incurred while using the existing system.
基金supported in part by Major Science and Technology Demonstration Project of Jiangsu Provincial Key R&D Program under Grant No.BE2023025in part by the National Natural Science Foundation of China under Grant No.62302238+2 种基金in part by the Natural Science Foundation of Jiangsu Province under Grant No.BK20220388in part by the Natural Science Research Project of Colleges and Universities in Jiangsu Province under Grant No.22KJB520004in part by the China Postdoctoral Science Foundation under Grant No.2022M711689.
文摘This paper presents a comprehensive exploration into the integration of Internet of Things(IoT),big data analysis,cloud computing,and Artificial Intelligence(AI),which has led to an unprecedented era of connectivity.We delve into the emerging trend of machine learning on embedded devices,enabling tasks in resource-limited environ-ments.However,the widespread adoption of machine learning raises significant privacy concerns,necessitating the development of privacy-preserving techniques.One such technique,secure multi-party computation(MPC),allows collaborative computations without exposing private inputs.Despite its potential,complex protocols and communication interactions hinder performance,especially on resource-constrained devices.Efforts to enhance efficiency have been made,but scalability remains a challenge.Given the success of GPUs in deep learning,lever-aging embedded GPUs,such as those offered by NVIDIA,emerges as a promising solution.Therefore,we propose an Embedded GPU-based Secure Two-party Computation(EG-STC)framework for Artificial Intelligence(AI)systems.To the best of our knowledge,this work represents the first endeavor to fully implement machine learning model training based on secure two-party computing on the Embedded GPU platform.Our experimental results demonstrate the effectiveness of EG-STC.On an embedded GPU with a power draw of 5 W,our implementation achieved a secure two-party matrix multiplication throughput of 5881.5 kilo-operations per millisecond(kops/ms),with an energy efficiency ratio of 1176.3 kops/ms/W.Furthermore,leveraging our EG-STC framework,we achieved an overall time acceleration ratio of 5–6 times compared to solutions running on server-grade CPUs.Our solution also exhibited a reduced runtime,requiring only 60%to 70%of the runtime of previously best-known methods on the same platform.In summary,our research contributes to the advancement of secure and efficient machine learning implementations on resource-constrained embedded devices,paving the way for broader adoption of AI technologies in various applications.
文摘This work aims to examine the vulnerabilities and threats in the applications of intelligent transport systems,especially collision avoidance protocols.It focuses on achieving the availability of network communication among traveling vehicles.Finally,it aims to find a secure solution to prevent blackhole attacks on vehicular network communications.The proposed solution relies on authenticating vehicles by joining a blockchain network.This technology provides identification information and receives cryptography keys.Moreover,the ad hoc on-demand distance vector(AODV)protocol is used for route discovery and ensuring reliable node communication.The system activates an adaptive mode for monitoring communications and continually adjusts trust scores based on packet delivery performance.From the experimental study,we can infer that the proposed protocol has successfully detected and prevented blackhole attacks for different numbers of simulated vehicles and at different traveling speeds.This reduces accident rates by 60%and increases the packet delivery ratio and the throughput of the connecting network by 40%and 20%,respectively.However,extra overheads in delay and memory are required to create and initialize the blockchain network.
文摘In order to improve the Physical Layer Security(PLS)perspective,this paper aims to empower function of PLS by considering a backhaul Non-Orthogonal Multiple Access(NOMA)system in two practical situations.In the proposed schemes,the untrusted user intercepts information transmitted to the far user,or the external eavesdropper overhears confidential information sent to the far user in the context of NOMA technique.Unlike the conventional NOMA systems,this paper emphasizes the actual situations of the existence of actual illegal users and legitimate users,especially the reasonable use of relay selection architecture to improve the confidentiality performance.To evaluate the security properties of the proposed scheme,a comprehensive analysis of the Security Outage Probability(SOP)performance is first performed,and then the corresponding SOP asymptotic expressions are derived for real scenarios related to eavesdroppers and untrusted users.Numerical results are performed to verify the analysis in terms of the secure performance metric.
文摘Prompt radiation emitted during accelerator operation poses a significant health risk,necessitating a thorough search and securing of hazardous areas prior to initiation.Currently,manual sweep methods are employed.However,the limitations of manual sweeps have become increasingly evident with the implementation of large-scale accelerators.By leveraging advancements in machine vision technology,the automatic identification of stranded personnel in controlled areas through camera imagery presents a viable solution for efficient search and security.Given the criticality of personal safety for stranded individuals,search and security processes must be sufficiently reliable.To ensure comprehensive coverage,180°camera groups were strategically positioned on both sides of the accelerator tunnel to eliminate blind spots within the monitoring range.The YOLOV8 network model was modified to enable the detection of small targets,such as hands and feet,as well as larger targets formed by individuals near the cameras.Furthermore,the system incorporates a pedestrian recognition model that detects human body parts,and an information fusion strategy is used to integrate the detected head,hands,and feet with the identified pedestrians as a cohesive unit.This strategy enhanced the capability of the model to identify pedestrians obstructed by equipment,resulting in a notable improvement in the recall rate.Specifically,recall rates of 0.915 and 0.82were obtained for Datasets 1 and 2,respectively.Although there was a slight decrease in accuracy,it aligned with the intended purpose of the search-and-secure software design.Experimental tests conducted within an accelerator tunnel demonstrated the effectiveness of this approach in achieving reliable recognition outcomes.
文摘With the recent technological developments,massive vehicular ad hoc networks(VANETs)have been established,enabling numerous vehicles and their respective Road Side Unit(RSU)components to communicate with oneanother.The best way to enhance traffic flow for vehicles and traffic management departments is to share thedata they receive.There needs to be more protection for the VANET systems.An effective and safe methodof outsourcing is suggested,which reduces computation costs by achieving data security using a homomorphicmapping based on the conjugate operation of matrices.This research proposes a VANET-based data outsourcingsystem to fix the issues.To keep data outsourcing secure,the suggested model takes cryptography models intoaccount.Fog will keep the generated keys for the purpose of vehicle authentication.For controlling and overseeingthe outsourced data while preserving privacy,the suggested approach considers the Trusted Certified Auditor(TCA).Using the secret key,TCA can identify the genuine identity of VANETs when harmful messages aredetected.The proposed model develops a TCA-based unique static vehicle labeling system using cryptography(TCA-USVLC)for secure data outsourcing and privacy preservation in VANETs.The proposed model calculatesthe trust of vehicles in 16 ms for an average of 180 vehicles and achieves 98.6%accuracy for data encryption toprovide security.The proposedmodel achieved 98.5%accuracy in data outsourcing and 98.6%accuracy in privacypreservation in fog-enabled VANETs.Elliptical curve cryptography models can be applied in the future for betterencryption and decryption rates with lightweight cryptography operations.
基金This work was supported in part by the National Natural Science Foundation of China(Nos.62072074,62076054,62027827,62002047)the Sichuan Science and Technology Innovation Platform and Talent Plan(Nos.2020JDJQ0020,2022JDJQ0039)+2 种基金the Sichuan Science and Technology Support Plan(Nos.2020YFSY0010,2022YFQ0045,2022YFS0220,2023YFG0148,2021YFG0131)the YIBIN Science and Technology Support Plan(No.2021CG003)the Medico-Engineering Cooperation Funds from University of Electronic Science and Technology of China(Nos.ZYGX2021YGLH212,ZYGX2022YGRH012).
文摘With the continuous expansion of the Industrial Internet of Things(IIoT),more andmore organisations are placing large amounts of data in the cloud to reduce overheads.However,the channel between cloud servers and smart equipment is not trustworthy,so the issue of data authenticity needs to be addressed.The SM2 digital signature algorithm can provide an authentication mechanism for data to solve such problems.Unfortunately,it still suffers from the problem of key exposure.In order to address this concern,this study first introduces a key-insulated scheme,SM2-KI-SIGN,based on the SM2 algorithm.This scheme boasts strong key insulation and secure keyupdates.Our scheme uses the elliptic curve algorithm,which is not only more efficient but also more suitable for IIoT-cloud environments.Finally,the security proof of SM2-KI-SIGN is given under the Elliptic Curve Discrete Logarithm(ECDL)assumption in the random oracle.
基金The Natural Science Foundation of Henan Province(No.232300421097)the Program for Science&Technology Innovation Talents in Universities of Henan Province(No.23HASTIT019,24HASTIT038)+2 种基金the China Postdoctoral Science Foundation(No.2023T160596,2023M733251)the Open Research Fund of National Mobile Communications Research Laboratory,Southeast University(No.2023D11)the Song Shan Laboratory Foundation(No.YYJC022022003)。
文摘In this article,the secure computation efficiency(SCE)problem is studied in a massive multipleinput multiple-output(mMIMO)-assisted mobile edge computing(MEC)network.We first derive the secure transmission rate based on the mMIMO under imperfect channel state information.Based on this,the SCE maximization problem is formulated by jointly optimizing the local computation frequency,the offloading time,the downloading time,the users and the base station transmit power.Due to its difficulty to directly solve the formulated problem,we first transform the fractional objective function into the subtractive form one via the dinkelbach method.Next,the original problem is transformed into a convex one by applying the successive convex approximation technique,and an iteration algorithm is proposed to obtain the solutions.Finally,the stimulations are conducted to show that the performance of the proposed schemes is superior to that of the other schemes.