Longfei Wu

Wenti Yang, Naiyu Wang, Zhitao Guan et al.

The concept of federated learning (FL) was first proposed by Google in 2016. Thereafter, FL has been widely studied for the feasibility of application in various fields due to its potential to make full use of data without compromising the privacy. However, limited by the capacity of wireless data transmission, the employment of federated learning on mobile devices has been making slow progress in practical. The development and commercialization of the 5th generation (5G) mobile networks has shed some light on this. In this paper, we analyze the challenges of existing federated learning schemes for mobile devices and propose a novel cross-device federated learning framework, which utilizes the anonymous communication technology and ring signature to protect the privacy of participants while reducing the computation overhead of mobile devices participating in FL. In addition, our scheme implements a contribution-based incentive mechanism to encourage mobile users to participate in FL. We also give a case study of autonomous driving. Finally, we present the performance evaluation of the proposed scheme and discuss some open issues in federated learning.

Jialiang Dong, Zhitao Guan, Longfei Wu et al.

The wide use of black-box models in natural language processing brings great challenges to the understanding of the decision basis, the trustworthiness of the prediction results, and the improvement of the model performance. The words in text samples have properties that reflect their semantics and contextual information, such as the part of speech, the position, etc. These properties may have certain relationships with the word saliency, which is of great help for studying the explainability of the model predictions. In this paper, we explore the relationships between the word saliency and the word properties. According to the analysis results, we further establish a mapping model, Seq2Saliency, from the words in a text sample and their properties to the saliency values based on the idea of sequence tagging. In addition, we establish a new dataset called PrSalM, which contains each word in the text samples, the word properties, and the word saliency values. The experimental evaluations are conducted to analyze the saliency of words with different properties. The effectiveness of the Seq2Saliency model is verified.

Naiyu Wang, Xiao Zhou, Xin Lu et al.

With the rapid growth of renewable energy resources, the energy trading began to shift from centralized to distributed manner. Blockchain, as a distributed public ledger technology, has been widely adopted to design new energy trading schemes. However, there are many challenging issues for blockchain-based energy trading, i.e., low efficiency, high transaction cost, security & privacy issues. To tackle with the above challenges, many solutions have been proposed. In this survey, the blockchain-based energy trading in electrical power system is thoroughly investigated. Firstly, the challenges in blockchain-based energy trading are identified. Then, the existing energy trading schemes are studied and classified into three categories based on their main focus: energy transaction, consensus mechanism, and system optimization. And each category is presented in detail. Although existing schemes can meet the specific energy trading requirements, there are still many unsolved problems. Finally, the discussion and future directions are given.

Xueyan Liu, Zhitao Guan, Longfei Wu et al.

Multi-user multi-keyword ranked search scheme in arbitrary language is a novel multi-keyword rank searchable encryption (MRSE) framework based on Paillier Cryptosystem with Threshold Decryption (PCTD). Compared to previous MRSE schemes constructed based on the k-nearest neighbor searcha-ble encryption (KNN-SE) algorithm, it can mitigate some draw-backs and achieve better performance in terms of functionality and efficiency. Additionally, it does not require a predefined keyword set and support keywords in arbitrary languages. However, due to the pattern of exact matching of keywords in the new MRSE scheme, multilingual search is limited to each language and cannot be searched across languages. In this pa-per, we propose a cross-lingual multi-keyword rank search (CLRSE) scheme which eliminates the barrier of languages and achieves semantic extension with using the Open Multilingual Wordnet. Our CLRSE scheme also realizes intelligent and per-sonalized search through flexible keyword and language prefer-ence settings. We evaluate the performance of our scheme in terms of security, functionality, precision and efficiency, via extensive experiments.

Zhitao Guan, Zefang Lv, Xiaojiang Du et al.

The emergence and rapid development of the Internet of Medical Things (IoMT), an application of the Internet of Things into the medical and healthcare systems, have brought many changes and challenges to modern medical and healthcare systems. Particularly, machine learning technology can be used to process the data involved in IoMT for medical analysis and disease diagnosis. However, in this process, the disclosure of personal privacy information must receive considerable attentions especially for sensitive medical data. Cluster analysis is an important technique for medical analysis and disease diagnosis. To enable privacy-preserving cluster analysis in IoMT, this paper proposed an Efficient Differentially Private Data Clustering scheme (EDPDCS) based on MapReduce framework. In EDPDCS, we optimize the allocation of privacy budgets and the selection of initial centroids to improve the accuracy of differentially private K-means clustering algorithm. Specifically, the number of iterations of the K-means algorithm is set to a fixed value according to the total privacy budget and the minimal privacy budget of each iteration. In addition, an improved initial centroids selection method is proposed to increase the accuracy and efficiency of the clustering algorithm. Finally, we prove that the proposed EDPDCS can improve the accuracy of the differentially private k-means algorithm by comparing the Normalized Intra-Cluster Variance (NICV) produced by our algorithm on two datasets with two other algorithms.

Jingwei Liu, Jinping Han, Longfei Wu et al.

Along with the miniaturization of various types of sensors, a mass of intelligent terminals are gaining stronger sensing capability, which raises a deeper perception and better prospect of Internet of Things (IoT). With big sensing data, IoT provides lots of convenient services for the monitoring and management of smart cities and people's daily lives. However, there are still many security challenges influencing the further development of IoT, one of which is how to quickly verify the big data obtained from IoT terminals. Aggregate signature is an efficient approach to perform big data authentication. It can effectively reduce the computation and communication overheads. In this paper, utilizing these features, we construct a verifiable data aggregation scheme for Internet of Things, named VDAS, based on an improved certificateless aggregate signature algorithm. In VDAS, the length of the aggregated authentication message is independent of the number of IoT terminals. Then, we prove that VDAS is existentially unforgeable under adaptive chosen message attacks assuming that the computational Diffie-Hellman problem is hard. Additionally, the proposed VDAS achieves a better trade-off on the computation overheads between the resource-constrained IoT terminals and the data center.

Jingwei Liu, Fanghui Cai, Longfei Wu et al.

As a popular application, mobile crowd sensing systems aim at providing more convenient service via the swarm intelligence. With the popularity of sensor-embedded smart phones and intelligent wearable devices, mobile crowd sensing is becoming an efficient way to obtain various types of sensing data from individuals, which will make people's life more convenient. However, mobile crowd sensing systems today are facing a critical challenge, namely the privacy leakage of the sensitive information and valuable data, which can raise grave concerns among the participants. To address this issue, we propose an enhanced secure certificateless privacy-preserving verifiable data authentication scheme for mobile crowd sensing, named EPDA. The proposed scheme provides unconditional anonymous data authentication service for mobile crowd sensing, by deploying an improved certificateless ring signature as the cryptogram essential, in which the big sensing data should be signed by one of legitimate members in a specific group and could be verified without exposing the actual identity of the participant. The formal security proof demonstrates that EPDA is secure against existential forgery under adaptive chosen message and identity attacks in random oracle model. Finally, extensive simulations are conducted. The results show that the proposed EPDA efficiently decreases computational cost and time consumption in the sensing data authentication process.

Zhitao Guan, Jing Li, Longfei Wu et al.

Cloud-supported Internet of Things (Cloud-IoT) has been broadly deployed in smart grid systems. The IoT front-ends are responsible for data acquisition and status supervision, while the substantial amount of data is stored and managed in the cloud server. Achieving data security and system efficiency in the data acquisition and transmission process are of great significance and challenging, because the power grid-related data is sensitive and in huge amount. In this paper, we present an efficient and secure data acquisition scheme based on CP-ABE (Ciphertext Policy Attribute Based Encryption). Data acquired from the terminals will be partitioned into blocks and encrypted with its corresponding access sub-tree in sequence, thereby the data encryption and data transmission can be processed in parallel. Furthermore, we protect the information about the access tree with threshold secret sharing method, which can preserve the data privacy and integrity from users with the unauthorized sets of attributes. The formal analysis demonstrates that the proposed scheme can fulfill the security requirements of the Cloud-supported IoT in smart grid. The numerical analysis and experimental results indicate that our scheme can effectively reduce the time cost compared with other popular approaches.

Zhitao Guan, Guanlin Si, Xiaosong Zhang et al.

Intelligence is one of the most important aspects in the development of our future communities. Ranging from smart home, smart building, to smart city, all these smart infrastructures must be supported by intelligent power supply. Smart grid is proposed to solve all challenges of future electricity supply. In smart grid, in order to realize optimal scheduling, a Smart Meter (SM) is installed at each home to collect the near real-time electricity consumption data, which can be used by the utilities to offer better smart home services. However, the near real-time data may disclose user's privacy. An adversary may track the application usage patterns by analyzing the user's electricity consumption profile. In this paper, we propose a privacy-preserving and efficient data aggregation scheme. We divide users into different groups and each group has a private blockchain to record its members' data. To preserve the inner privacy within a group, we use pseudonym to hide user's identity, and each user may create multiple pseudonyms and associate his/her data with different pseudonyms. In addition, the bloom filter is adopted for fast authentication. The analysis shows that the proposed scheme can meet the security requirements, and achieve a better performance than other popular methods.

Hui Cao, Shubo Liu, Zhitao Guan et al.

Among existing privacy-preserving approaches, Differential Privacy (DP) is a powerful tool that can provide privacy-preserving noisy query answers over statistical databases and has been widely adopted in many practical fields. In particular, as a privacy machine of DP, Randomized Aggregable Privacy-Preserving Ordinal Response (RAPPOR) enables strong privacy, efficient, and high-utility guarantees for each client string in data crowdsourcing. However, as for Internet of Things(IoT), such as smart gird, data are often processed in batches. Therefore, developing a new random response algorithm that can support batch-processing tend to make it more efficient and suitable for IoT applications than existing random response algorithms. In this paper, we propose a new randomized response algorithm that can achieve differential-privacy and utility guar-antees for consumer's behaviors, and process a batch of data at each time. Firstly, by applying sparse coding in this algorithm, a behavior signature dictionary is created from the aggregated energy consumption data in fog. Then, we add noise into the behavior signature dictionary by classical randomized response techniques and achieve the differential privacy after data re-aggregation. Through the security analysis with the principle of differential privacy and experimental results verification, we find that our Algorithm can preserve consumer's privacy with-out comprising utility.

Haotian Chi, Longfei Wu, Xiaojiang Du et al.

To facilitate monitoring and management, modern Implantable Medical Devices (IMDs) are often equipped with wireless capabilities, which raise the risk of malicious access to IMDs. Although schemes are proposed to secure the IMD access, some issues are still open. First, pre-sharing a long-term key between a patient's IMD and a doctor's programmer is vulnerable since once the doctor's programmer is compromised, all of her patients suffer; establishing a temporary key by leveraging proximity gets rid of pre-shared keys, but as the approach lacks real authentication, it can be exploited by nearby adversaries or through man-in-the-middle attacks. Second, while prolonging the lifetime of IMDs is one of the most important design goals, few schemes explore to lower the communication and computation overhead all at once. Finally, how to safely record the commands issued by doctors for the purpose of forensics, which can be the last measure to protect the patients' rights, is commonly omitted in the existing literature. Motivated by these important yet open problems, we propose an innovative scheme e-SAFE, which significantly improves security and safety, reduces the communication overhead and enables IMD-access forensics. We present a novel lightweight compressive sensing based encryption algorithm to encrypt and compress the IMD data simultaneously, reducing the data transmission overhead by over 50% while ensuring high data confidentiality and usability. Furthermore, we provide a suite of protocols regarding device pairing, dual-factor authentication, and accountability-enabled access. The security analysis and performance evaluation show the validity and efficiency of the proposed scheme.

Hui Cao, Shubo Liu, Longfei Wu et al.

Fog computing, a non-trivial extension of cloud computing to the edge of the network, has great advantage in providing services with a lower latency. In smart grid, the application of fog computing can greatly facilitate the collection of consumer's fine-grained energy consumption data, which can then be used to draw the load curve and develop a plan or model for power generation. However, such data may also reveal customer's daily activities. Non-intrusive load monitoring (NILM) can monitor an electrical circuit that powers a number of appliances switching on and off independently. If an adversary analyzes the meter readings together with the data measured by an NILM device, the customer's privacy will be disclosed. In this paper, we propose an effective privacy-preserving scheme for electric load monitoring, which can guarantee differential privacy of data disclosure in smart grid. In the proposed scheme, an energy consumption behavior model based on Factorial Hidden Markov Model (FHMM) is established. In addition, noise is added to the behavior parameter, which is different from the traditional methods that usually add noise to the energy consumption data. The analysis shows that the proposed scheme can get a better trade-off between utility and privacy compared with other popular methods.

Chenglong Fu, Xiaojiang Du, Longfei Wu et al.

Implantable medical devices (IMDs), such as pacemakers, implanted cardiac defibrillators, and neurostimulators are medical devices implanted into patients' bodies for monitoring physiological signals and performing medical treatments. Many IMDs have built-in wireless communication modules to facilitate data collecting and device reprogramming by external programmers. The wireless communication brings significant conveniences for advanced applications such as real-time and remote monitoring but also introduces the risk of unauthorized wireless access. The absence of effective access control mechanisms exposes patients' life to cyber attacks. In this paper, we present a lightweight and universally applicable access control system for IMDs. By leveraging Physically Obfuscated Keys (POKs) as the hardware root of trust, provable security is achieved based on standard cryptographic primitives while attaining high energy efficiency. In addition, barrier-free IMD access under emergent situations is realized by utilizing the patient's biometrical information. We evaluate our proposed scheme through extensive security analysis and a prototype implementation, which demonstrates our work's superiority on security and energy efficiency.

Longfei Wu, Xiaojiang Du, Jie Wu et al.

The Internet of Things (IoT) has become increasingly popular in people's daily lives. The pervasive IoT devices are encouraged to share data with each other in order to better serve the users. However, users are reluctant to share sensitive data due to privacy concerns. In this paper, we study the anonymous data aggregation for the IoT system, in which the IoT company servers, though not fully trustworthy, are used to assist the aggregation. We propose an efficient and accountable aggregation scheme that can preserve the data anonymity. We analyze the communication and computation overheads of the proposed scheme, and evaluate the total execution time and the per-user communication overhead with extensive simulations. The results show that our scheme is more efficient than the previous peer-shuffle protocol, especially for data aggregation from multiple providers.

Longfei Wu, Haotian Chi, Xiaojiang Du

With the rapid development of health equipments, increasingly more patients have installed the implantable medical devices (IMD) in their bodies for diagnostic, monitoring, and therapeutic purposes. IMDs are extremely limited in computation power and battery capacity. Meanwhile, IMDs have to communicate with an external programmer device (i.e., IMD programmer) through the wireless channel, which put them under the risk of unauthorized access and malicious wireless attacks. In this paper, we propose a proxy-based fine-grained access control scheme for IMDs, which can prolong the IMD's lifetime by delegating the access control computations to the proxy device (e.g., smartphone). In our scheme, the proxy communicates with the IMD programmer through an audio cable, which is resistant to a number of wireless attacks. Additionally, we use the ciphertext-policy attribute-based encryption (CP-ABE) to enforce fine-grained access control. The proposed scheme is implemented on real emulator devices and evaluated through experimental tests. The experiments show that the proposed scheme is lightweight and effective.