A Review on Security and Privacy Issues Pertaining to Cyber-Physical Systems in the Industry 5.0 Era

The advent of Industry 5.0 marks a transformative era where Cyber-Physical Systems(CPSs)seamlessly integrate physical processes with advanced digital technologies.However,as industries become increasingly interconnected and reliant on smart digital technologies,the intersection of physical and cyber domains introduces novel security considerations,endangering the entire industrial ecosystem.The transition towards a more cooperative setting,including humans and machines in Industry 5.0,together with the growing intricacy and interconnection of CPSs,presents distinct and diverse security and privacy challenges.In this regard,this study provides a comprehensive review of security and privacy concerns pertaining to CPSs in the context of Industry 5.0.The review commences by providing an outline of the role of CPSs in Industry 5.0 and then proceeds to conduct a thorough review of the different security risks associated with CPSs in the context of Industry 5.0.Afterward,the study also presents the privacy implications inherent in these systems,particularly in light of the massive data collection and processing required.In addition,the paper delineates potential avenues for future research and provides countermeasures to surmount these challenges.Overall,the study underscores the imperative of adopting comprehensive security and privacy strategies within the context of Industry 5.0.

Enhancing Security and Privacy in Distributed Face Recognition Systems through Blockchain and GAN Technologies

The use of privacy-enhanced facial recognition has increased in response to growing concerns about data securityand privacy in the digital age. This trend is spurred by rising demand for face recognition technology in a varietyof industries, including access control, law enforcement, surveillance, and internet communication. However,the growing usage of face recognition technology has created serious concerns about data monitoring and userprivacy preferences, especially in context-aware systems. In response to these problems, this study provides a novelframework that integrates sophisticated approaches such as Generative Adversarial Networks (GANs), Blockchain,and distributed computing to solve privacy concerns while maintaining exact face recognition. The framework’spainstaking design and execution strive to strike a compromise between precise face recognition and protectingpersonal data integrity in an increasingly interconnected environment. Using cutting-edge tools like Dlib for faceanalysis,Ray Cluster for distributed computing, and Blockchain for decentralized identity verification, the proposedsystem provides scalable and secure facial analysis while protecting user privacy. The study’s contributions includethe creation of a sustainable and scalable solution for privacy-aware face recognition, the implementation of flexibleprivacy computing approaches based on Blockchain networks, and the demonstration of higher performanceover previous methods. Specifically, the proposed StyleGAN model has an outstanding accuracy rate of 93.84%while processing high-resolution images from the CelebA-HQ dataset, beating other evaluated models such asProgressive GAN 90.27%, CycleGAN 89.80%, and MGAN 80.80%. With improvements in accuracy, speed, andprivacy protection, the framework has great promise for practical use in a variety of fields that need face recognitiontechnology. This study paves the way for future research in privacy-enhanced face recognition systems, emphasizingthe significance of using cutting-edge technology to meet rising privacy issues in digital identity.

Privacy-Preserving Healthcare and Medical Data Collaboration Service System Based on Blockchain and Federated Learning

As the volume of healthcare and medical data increases from diverse sources,real-world scenarios involving data sharing and collaboration have certain challenges,including the risk of privacy leakage,difficulty in data fusion,low reliability of data storage,low effectiveness of data sharing,etc.To guarantee the service quality of data collaboration,this paper presents a privacy-preserving Healthcare and Medical Data Collaboration Service System combining Blockchain with Federated Learning,termed FL-HMChain.This system is composed of three layers:Data extraction and storage,data management,and data application.Focusing on healthcare and medical data,a healthcare and medical blockchain is constructed to realize data storage,transfer,processing,and access with security,real-time,reliability,and integrity.An improved master node selection consensus mechanism is presented to detect and prevent dishonest behavior,ensuring the overall reliability and trustworthiness of the collaborative model training process.Furthermore,healthcare and medical data collaboration services in real-world scenarios have been discussed and developed.To further validate the performance of FL-HMChain,a Convolutional Neural Network-based Federated Learning(FL-CNN-HMChain)model is investigated for medical image identification.This model achieves better performance compared to the baseline Convolutional Neural Network(CNN),having an average improvement of 4.7%on Area Under Curve(AUC)and 7%on Accuracy(ACC),respectively.Furthermore,the probability of privacy leakage can be effectively reduced by the blockchain-based parameter transfer mechanism in federated learning between local and global models.

Enhancing AI System Privacy:An Automatic Tool for Achieving GDPR Compliance in NoSQL Databases

The EU’s Artificial Intelligence Act(AI Act)imposes requirements for the privacy compliance of AI systems.AI systems must comply with privacy laws such as the GDPR when providing services.These laws provide users with the right to issue a Data Subject Access Request(DSAR).Responding to such requests requires database administrators to identify information related to an individual accurately.However,manual compliance poses significant challenges and is error-prone.Database administrators need to write queries through time-consuming labor.The demand for large amounts of data by AI systems has driven the development of NoSQL databases.Due to the flexible schema of NoSQL databases,identifying personal information becomes even more challenging.This paper develops an automated tool to identify personal information that can help organizations respond to DSAR.Our tool employs a combination of various technologies,including schema extraction of NoSQL databases and relationship identification from query logs.We describe the algorithm used by our tool,detailing how it discovers and extracts implicit relationships from NoSQL databases and generates relationship graphs to help developers accurately identify personal data.We evaluate our tool on three datasets,covering different database designs,achieving an F1 score of 0.77 to 1.Experimental results demonstrate that our tool successfully identifies information relevant to the data subject.Our tool reduces manual effort and simplifies GDPR compliance,showing practical application value in enhancing the privacy performance of NOSQL databases and AI systems.

Practical Privacy-Preserving ROI Encryption System for Surveillance Videos Supporting Selective Decryption

With the advancement of video recording devices and network infrastructure,we use surveillance cameras to protect our valuable assets.This paper proposes a novel system for encrypting personal information within recorded surveillance videos to enhance efficiency and security.The proposed method leverages Dlib’s CNN-based facial recognition technology to identify Regions of Interest(ROIs)within the video,linking these ROIs to generate unique IDs.These IDs are then combined with a master key to create entity-specific keys,which are used to encrypt the ROIs within the video.This system supports selective decryption,effectively protecting personal information using surveillance footage.Additionally,the system overcomes the limitations of existing ROI recognition technologies by predicting unrecognized frames through post-processing.This research validates the proposed technology through experimental evaluations of execution time and post-processing techniques,ensuring comprehensive personal information protection.Guidelines for setting the thresholds used in this process are also provided.Implementing the proposed method could serve as an effective solution to security vulnerabilities that traditional approaches fail to address.

Fault diagnosis of intelligent distribution system based on privacy-enhanced federated learning

In practical applications,different power companies are unwilling to share personal transformer data with each other due to data privacy.Faced with such a data isolation scenario,the centralized learning method is difficult to be used to solve the problem of transformer fault diagnosis.In recent years,the emergence of federated learning(FL)has provided a secure and distributed learning framework.However,the unbalanced data from multiple participants may reduce the overall per-formance of FL,while an untrusted central server will threaten the data privacy and security of cli-ents.Thus,a fault diagnosis of intelligent distribution system method based on privacy-enhanced FL is proposed.Firstly,a globally shared dataset is established to effectively alleviate the impact of un-balanced data on the performance of the FedAvg algorithm.Then,Gaussian random noise is intro-duced during the parameter uploading process to further reduce the risk of data privacy leakage.Fi-nally,the effectiveness and superiority of the proposed method are verified through extensive experi-ments.

A Privacy Preserving Federated Learning System for IoT Devices Using Blockchain and Optimization

In this study, a blockchain based federated learning system using an enhanced weighted mean vector optimization algorithm, known as EINFO, is proposed. The proposed EINFO addresses the limitations of federated averaging during global update and model training, where data is unevenly distributed among devices and there are variations in the number of data samples. Using a well-defined structure and updating the vector positions by local searching, vector combining, and updating rules, the EINFO algorithm maximizes the shared model parameters. In order to increase the exploration and exploitation capabilities, the model convergence rate is improved and new vectors are generated through the use of a weighted mean vector based on the inverse square law. To choose validators, miners, and to propagate new blocks, a delegated proof of stake based on the reliability of blockchain nodes is suggested. Federated learning is included into the blockchain to protect nodes from both external and internal threats. To determine how well the suggested system performs in relation to current models in the literature, extensive simulations are run. The simulation results show that the proposed system outperforms existing schemes in terms of accuracy, sensitivity and specificity.

SensFL:Privacy-Preserving Vertical Federated Learning with Sensitive Regularization

In the realm of Intelligent Railway Transportation Systems,effective multi-party collaboration is crucial due to concerns over privacy and data silos.Vertical Federated Learning(VFL)has emerged as a promising approach to facilitate such collaboration,allowing diverse entities to collectively enhance machine learning models without the need to share sensitive training data.However,existing works have highlighted VFL’s susceptibility to privacy inference attacks,where an honest but curious server could potentially reconstruct a client’s raw data from embeddings uploaded by the client.This vulnerability poses a significant threat to VFL-based intelligent railway transportation systems.In this paper,we introduce SensFL,a novel privacy-enhancing method to against privacy inference attacks in VFL.Specifically,SensFL integrates regularization of the sensitivity of embeddings to the original data into the model training process,effectively limiting the information contained in shared embeddings.By reducing the sensitivity of embeddings to the original data,SensFL can effectively resist reverse privacy attacks and prevent the reconstruction of the original data from the embeddings.Extensive experiments were conducted on four distinct datasets and three different models to demonstrate the efficacy of SensFL.Experiment results show that SensFL can effectively mitigate privacy inference attacks while maintaining the accuracy of the primary learning task.These results underscore SensFL’s potential to advance privacy protection technologies within VFL-based intelligent railway systems,addressing critical security concerns in collaborative learning environments.

Security and Privacy Frameworks for Access Control Big Data Systems

In the security and privacy fields,Access Control(AC)systems are viewed as the fundamental aspects of networking security mechanisms.Enforcing AC becomes even more challenging when researchers and data analysts have to analyze complex and distributed Big Data(BD)processing cluster frameworks,which are adopted to manage yottabyte of unstructured sensitive data.For instance,Big Data systems’privacy and security restrictions are most likely to failure due to the malformed AC policy configurations.Furthermore,BD systems were initially developed toped to take care of some of the DB issues to address BD challenges and many of these dealt with the“three Vs”(Velocity,Volume,and Variety)attributes,without planning security consideration,which are considered to be patch work.Some of the BD“three Vs”characteristics,such as distributed computing,fragment,redundant data and node-to node communication,each with its own security challenges,complicate even more the applicability of AC in BD.This paper gives an overview of the latest security and privacy challenges in BD AC systems.Furthermore,it analyzes and compares some of the latest AC research frameworks to reduce privacy and security issues in distributed BD systems,which very few enforce AC in a cost-effective and in a timely manner.Moreover,this work discusses some of the future research methodologies and improvements for BD AC systems.This study is valuable asset for Artificial Intelligence(AI)researchers,DB developers and DB analysts who need the latest AC security and privacy research perspective before using and/or improving a current BD AC framework.

Smart contract token-based privacy-preserving access control system for industrial Internet of Things

Due to mobile Internet technology's rapid popularization,the Industrial Internet of Things(IIoT)can be seen everywhere in our daily lives.While IIoT brings us much convenience,a series of security and scalability issues related to permission operations rise to the surface during device communications.Hence,at present,a reliable and dynamic access control management system for IIoT is in urgent need.Up till now,numerous access control architectures have been proposed for IIoT.However,owing to centralized models and heterogeneous devices,security and scalability requirements still cannot be met.In this paper,we offer a smart contract token-based solution for decentralized access control in IIoT systems.Specifically,there are three smart contracts in our system,including the Token Issue Contract(TIC),User Register Contract(URC),and Manage Contract(MC).These three contracts collaboratively supervise and manage various events in IIoT environments.We also utilize the lightweight and post-quantum encryption algorithm-Nth-degree Truncated Polynomial Ring Units(NTRU)to preserve user privacy during the registration process.Subsequently,to evaluate our proposed architecture's performance,we build a prototype platform that connects to the local blockchain.Finally,experiment results show that our scheme has achieved secure and dynamic access control for the IIoT system compared with related research.

Privacy-preserving Distributed Location Proof Generating System

The rapid development of location-based service(LBS) drives one special kind of LBS, in which the service provider verifies user location before providing services. In distributed location proof generating schemes, preventing users from colluding with each other to create fake location proofs and protecting user's location privacy at the same time, are the main technical challenges to bring this kind of LBS into practical. Existing solutions tackle these challenges with low collusion-detecting efficiency and defected collusion-detecting method. We proposed two novel location proof generating schemes, which inversely utilized a secure secret-sharing scheme and a pseudonym scheme to settle these shortcomings. Our proposed solution resists and detects user collusion attacks in a more efficient and correct way. Meanwhile, we achieve a higher level of location privacy than that of previous work. The correctness and efficiency of our proposed solution is testified by intensive security analysis, performance analysis, as well as experiments and simulation results.

Role of Trust, Privacy Concerns and Data Governance in Managers’ Decision on Adoption of Big Data Systems

This paper investigates the role of trust, privacy concerns, and data governance on managers’ intention to use big data systems. In literature, trusting beliefs, such as functionality, helpfulness, and reliability were found to be antecedent of trust in technological artifacts. Notice, access, choice, and security principles were found to be crucial in eliminating privacy concerns. On the other hand, this paper focuses on data storage and data collection which have been significant criterion for managers in evaluating companies’ data governance policies. A model depicting the relationships amongst all these factors and their relation to users’ intention to adopt big data systems and a scale was proposed in the paper.

A game-theoretic approach for federated learning:A trade-off among privacy,accuracy and energy

Benefiting from the development of Federated Learning(FL)and distributed communication systems,large-scale intelligent applications become possible.Distributed devices not only provide adequate training data,but also cause privacy leakage and energy consumption.How to optimize the energy consumption in distributed communication systems,while ensuring the privacy of users and model accuracy,has become an urgent challenge.In this paper,we define the FL as a 3-layer architecture including users,agents and server.In order to find a balance among model training accuracy,privacy-preserving effect,and energy consumption,we design the training process of FL as game models.We use an extensive game tree to analyze the key elements that influence the players’decisions in the single game,and then find the incentive mechanism that meet the social norms through the repeated game.The experimental results show that the Nash equilibrium we obtained satisfies the laws of reality,and the proposed incentive mechanism can also promote users to submit high-quality data in FL.Following the multiple rounds of play,the incentive mechanism can help all players find the optimal strategies for energy,privacy,and accuracy of FL in distributed communication systems.

A Verifiable Credentials System with Privacy-Preserving Based on Blockchain

Decentralized identity authentication is generally based on blockchain, with the protection of user privacy as the core appeal. But traditional decentralized credential system requires users to show all the information of the entire credential to the verifier, resulting in unnecessary overexposure of personal information. From the perspective of user privacy, this paper proposed a verifiable credential scheme with selective disclosure based on BLS (Bohen- Lynn-Shacham) aggregate signature. Instead of signing the credentials, we sign the claims in the credentials. When the user needs to present the credential to verifier, the user can select a part of but not all claims to be presented. To reduce the number of signatures of claims after selective disclosure, BLS aggregate signature is achieved to aggregate signatures of claims into one signature. In addition, our scheme also supports the aggregation of credentials from different users. As a result, verifier only needs to verify one signature in the credential to achieve the purpose of batch verification of credentials. We analyze the security of our aggregate signature scheme, which can effectively resist aggregate signature forgery attack and credential theft attack. The simulation results show that our selective disclosure scheme based on BLS aggregate signature is acceptable in terms of verification efficiency, and can reduce the storage cost and communication overhead. As a result, our scheme is suitable for blockchain, which is strict on bandwidth and storage overhead.

Fully privacy-preserving distributed optimization in power systems based on secret sharing

With the increasing development of smart grid,multi-party cooperative computation between several entities has become a typical characteristic of modern energy systems.Traditionally,data exchange among parties is inevitable,rendering how to complete multi-party collaborative optimization without exposing any private information a critical issue.This paper proposes a fully privacy-preserving distributed optimization framework based on secure multi-party computation(SMPC)with secret sharing protocols.The framework decomposes the collaborative optimization problem into a master problem and several subproblems.The process of solving the master problem is executed in the SMPC framework via the secret sharing protocols among agents.The relationships of agents are completely equal,and there is no privileged agent or any third party.The process of solving subproblems is conducted by agents individually.Compared to the traditional distributed optimization framework,the proposed SMPC-based framework can fully preserve individual private information.Exchanged data among agents are encrypted and no private information disclosure is assured.Furthermore,the framework maintains a limited and acceptable increase in computational costs while guaranteeing opti-mality.Case studies are conducted on test systems of different scales to demonstrate the principle of secret sharing and verify the feasibility and scalability of the proposed methodology.

A Systematic Survey for Differential Privacy Techniques in Federated Learning

Federated learning is a distributed machine learning technique that trains a global model by exchanging model parameters or intermediate results among multiple data sources. Although federated learning achieves physical isolation of data, the local data of federated learning clients are still at risk of leakage under the attack of malicious individuals. For this reason, combining data protection techniques (e.g., differential privacy techniques) with federated learning is a sure way to further improve the data security of federated learning models. In this survey, we review recent advances in the research of differentially-private federated learning models. First, we introduce the workflow of federated learning and the theoretical basis of differential privacy. Then, we review three differentially-private federated learning paradigms: central differential privacy, local differential privacy, and distributed differential privacy. After this, we review the algorithmic optimization and communication cost optimization of federated learning models with differential privacy. Finally, we review the applications of federated learning models with differential privacy in various domains. By systematically summarizing the existing research, we propose future research opportunities.

A Privacy-Preserving System Design for Digital Presence Protection

A person’s privacy has become a growing concern,given the nature of an expansive reliance on real-time video activities with video capture,stream,and storage.This paper presents an innovative system design based on a privacy-preserving model.The proposed system design is implemented by employing an enhanced capability that overcomes today’s single parameterbased access control protection mechanism for digital privacy preservation.The enhanced capability combines multiple access control parameters:facial expression,resource,environment,location,and time.The proposed system design demonstrated that a person’s facial expressions combined with a set of access control rules can achieve a person’s privacy-preserving preferences.The findings resulted in different facial expressions successfully triggering a person’s face to be blurred and a person’s privacy when using a real-time video conferencing service captured from a webcam or virtual webcam.A comparison analysis of capabilities between existing designs and the proposed system design shows enhancement of the capabilities of the proposed system.A series of experiments exercising the enhanced,real-time multi-parameterbased system was shown as a viable path forward for preserving a person’s privacy while using a webcam or virtual webcam to capture,stream,and store videos.

DeepGan-Privacy Preserving of HealthCare System Using DL

The challenge of encrypting sensitive information of a medical image in a healthcare system is still one that requires a high level of computing complexity,despite the ongoing development of cryptography.After looking through the previous research,it has become clear that the security issues still need to be looked into further because there is room for expansion in the research field.Recently,neural networks have emerged as a cost-effective and effective optimization strategy in terms of providing security for images.This revelation came about as a result of current developments.Nevertheless,such an implementation is a technique that is expensive to compute and does not handle the huge variety of different assaults that may be made on pictures.The primary objective of the system that has been described is to provide evidence of a complex framework in which deep neural networks have been applied to improve the efficiency of basic encryption techniques.Our research has led to the development and proposal of an enhanced version of methods that have previously been used to encrypt pictures.Instead,the generative adversarial network(GAN),commonly known as GAN,will serve as the learning network that generates the private key.The transformation domain,which reflects the one-of-a-kind fashion of the private key that is to be formed,is also meant to lead the learning network in the process of actually accomplishing the private key creation procedure.This scheme may be utilized to train an excellent Deep Neural Networks(DNN)model while instantaneously maintaining the confidentiality of training medical images.It was tested by the proposed approach DeepGAN on open-source medical datasets,and three sets of data:The Ultrasonic Brachial Plexus,the Montgomery County Chest X-ray,and the BraTS18.The findings indicate that it is successful in maintaining both performance and privacy,and the findings of the assessment and the findings of the security investigation suggest that the development of suitable generation technologies is capable of generating private keys with a high level of security.

An Intelligent Cardiovascular Diseases Prediction System Focused on Privacy

Machine learning(ML)and cloud computing have now evolved to the point where they are able to be used effectively.Further improvement,however,is required when both of these technologies are combined to reap maximum bene-fits.A way of improving the system is by enabling healthcare workers to select appropriate machine learning algorithms for prediction and,secondly,by preser-ving the privacy of patient data so that it cannot be misused.The purpose of this paper is to combine these promising technologies to maintain the privacy of patient data during the disease prediction process.Treatment of heart failure may be improved and expedited with this framework.We used the following machine learning algorithms to make predictions:Logistic Regression(LR),Naive Bayes(NB),K-Nearest Neighbors(KNN),Decision Tree(DT)and Support Vector Machines(SVM).These techniques,combined with cloud computing ser-vices,improved the process of deciding whether to treat a patient with cardiac dis-ease.Using our classifiers,we classified cardiac patients according to their features,which are grouped into single features,combinations of selected fea-tures,and all features.In experiments using all clinical features,machine learning classifiers SVM,DT,and KNN outperformed the rest,whereas in experiments using minimal clinical features,SVM and KNN were the most accurate.Internet of Things(IoT)devices allow family physicians to share diagnostic reports on the cloud in a secure manner.Ring signatures are particularly useful for verifying the integrity of data exchange.Our system keeps the physician's identity confidential from all authorized users,who can still access medical reports publicly.Our pro-posed mechanism has been shown to be both effective and efficient when it comes to obtaining patient reports from cloud storage.

Adversarial Examples Protect Your Privacy on Speech Enhancement System

Speech is easily leaked imperceptibly.When people use their phones,the personal voice assistant is constantly listening and waiting to be activated.Private content in speech may be maliciously extracted through automatic speech recognition(ASR)technology by some applications on phone devices.To guarantee that the recognized speech content is accurate,speech enhancement technology is used to denoise the input speech.Speech enhancement technology has developed rapidly along with deep neural networks(DNNs),but adversarial examples can cause DNNs to fail.Considering that the vulnerability of DNN can be used to protect the privacy in speech.In this work,we propose an adversarial method to degrade speech enhancement systems,which can prevent the malicious extraction of private information in speech.Experimental results show that the generated enhanced adversarial examples can be removed most content of the target speech or replaced with target speech content by speech enhancement.The word error rate(WER)between the enhanced original example and enhanced adversarial example recognition result can reach 89.0%.WER of target attack between enhanced adversarial example and target example is low at 33.75%.The adversarial perturbation in the adversarial example can bring much more change than itself.The rate of difference between two enhanced examples and adversarial perturbation can reach more than 1.4430.Meanwhile,the transferability between different speech enhancement models is also investigated.The low transferability of the method can be used to ensure the content in the adversarial example is not damaged,the useful information can be extracted by the friendly ASR.This work can prevent the malicious extraction of speech.