Differential Privacy for Industrial Internet of Things: Opportunities, Applications and Challenges

The development of Internet of Things (IoT) brings new changes to various fields. Particularly, industrial Internet of Things (IIoT) is promoting a new round of industrial revolution. With more applications of IIoT, privacy protection issues are emerging. Specially, some common algorithms in IIoT technology such as deep models strongly rely on data collection, which leads to the risk of privacy disclosure. Recently, differential privacy has been used to protect user-terminal privacy in IIoT, so it is necessary to make in-depth research on this topic. In this paper, we conduct a comprehensive survey on the opportunities, applications and challenges of differential privacy in IIoT. We firstly review related papers on IIoT and privacy protection, respectively. Then we focus on the metrics of industrial data privacy, and analyze the contradiction between data utilization for deep models and individual privacy protection. Several valuable problems are summarized and new research ideas are put forward. In conclusion, this survey is dedicated to complete comprehensive summary and lay foundation for the follow-up researches on industrial differential privacy

Integrity and Privacy Protection for Cyber-physical Systems (CPS)

The present-day interoperable and interconnected cyber-physical systems (CPS) provides significant value in our daily lives with the incorporation of advanced technologies. Still, it also increases the exposure to many security privacy risks like (1) maliciously manipulating the CPS data and sensors to compromise the integrity of the system (2) launching internal/external cyber-physical attacks on the central controller dependent CPS systems to cause a single point of failure issues (3) running malicious data and query analytics on the CPS data to identify internal insights and use it for achieving financial incentive. Moreover, (CPS) data privacy protection during sharing, aggregating, and publishing has also become challenging nowadays because most of the existing CPS security and privacy solutions have drawbacks, like (a) lack of a proper vulnerability characterization model to accurately identify where privacy is needed, (b) ignoring data providers privacy preference, (c) using uniform privacy protection which may create inadequate privacy for some provider while overprotecting others.Therefore, to address these issues, the primary purpose of this thesis is to orchestrate the development of a decentralized, p2p connected data privacy preservation model to improve the CPS system's integrity against malicious attacks. In that regard, we adopt blockchain to facilitate a decentralized and highly secured system model for CPS with self-defensive capabilities. This proposed model will mitigate data manipulation attacks from malicious entities by introducing bloom filter-based fast CPS device identity validation and Merkle tree-based fast data verification. Finally, the blockchain consensus will help to keep consistency and eliminate malicious entities from the protection framework. Furthermore, to address the data privacy issues in CPS, we propose a personalized data privacy model by introducing a standard vulnerability profiling library (SVPL) to characterize and quantify the CPS vulnerabilities and identify the necessary privacy requirements. Based on this model, we present our personalized privacy framework (PDP) in which Laplace noise is added based on the individual node's selected privacy preferences. Finally, combining these two proposed methods, we demonstrate that the blockchain-based system model is scalable and fast enough for CPS data's integrity verification. Also, the proposed PDP model can attain better data privacy by eliminating the trade-off between privacy, utility, and risk of losing information

Privacy-Preserved Linkable Social-Physical Data Publication

In this dissertation, we investigate the privacy-preserved data publication problems towards pervasively existing linkable social-physical contents. On the one hand, data publication has been considered as a critical approach to facilitate numerous utilities for individuals, populations, platform owners, and all third-party service providers. On the other hand, the unprecedented adoption of mobile devices and the dramatic development of Internet-of-Thing (IoT) systems have pushed the collection of surrounding physical information among populations to a totally novel stage. The collected contents can provide a fine-grained access to both physical and social aspects of the crowds, which introduces a comprehensively linkable and potentially sensitive information domain. The linkage includes the related index like privacy, utility, and efficiency for sophisticated applications, the inherent correlations among multiple data sources or information dimensions, and the connections among individuals. As the linkage leads to various novel challenges for privacy preservation, there should be a body of novel mechanisms for linkable social-physical data publications. As a result, this dissertation proposes a series of mechanisms for privacy-preserved linkable social-physical data publication. Firstly, we study the publication of physical data where the co-existing useful social proles and the sensitive physical proles of the data should be carefully maintained. Secondly, we investigate the data publication problem jointly considering the privacy preservation, data utility, and resource efficiency for task completion in crowd-sensing systems. Thirdly, we investigate the publication of private contents used for the recommendation, where contents of a user contribute to the recommendation results for others. Fourthly, we study the publications of reviews in local business service systems, where users expect to conceal their frequently visited locations while cooperatively maintain the utility of the whole system. Fifthly, we study the acquisition of privacy-preserved knowledge on cyber-physical social networks, where third-party service providers can derive the community structure without accessing the sensitive social links. We also provide detailed analysis and discussion for proposed mechanisms, and extensively validate their performance via real-world datasets. Both results demonstrate that the proposed mechanisms can properly preserve the privacy while maintaining the data utility. At last, we also propose the future research topics to complete the whole dissertation. The first topic focuses on the privacy preservation towards correlations beneath multiple data sources. The second topic studies more privacy issues for the whole population during data publication, including both the novel threats for related communities, and the disclosure of trends within crowds

Empirical Analysis of Privacy Preservation Models for Cyber Physical Deployments from a Pragmatic Perspective

The difficulty of privacy protection in cyber-physical installations encompasses several sectors and calls for methods like encryption, hashing, secure routing, obfuscation, and data exchange, among others. To create a privacy preservation model for cyber physical deployments, it is advised that data privacy, location privacy, temporal privacy, node privacy, route privacy, and other types of privacy be taken into account. Consideration must also be given to other types of privacy, such as temporal privacy. The computationally challenging process of incorporating these models into any wireless network also affects quality of service (QoS) variables including end-to-end latency, throughput, energy use, and packet delivery ratio. The best privacy models must be used by network designers and should have the least negative influence on these quality-of-service characteristics. The designers used common privacy models for the goal of protecting cyber-physical infrastructure in order to achieve this. The limitations of these installations' interconnection and interface-ability are not taken into account in this. As a result, even while network security has increased, the network's overall quality of service has dropped. The many state-of-the-art methods for preserving privacy in cyber-physical deployments without compromising their performance in terms of quality of service are examined and analyzed in this research. Lowering the likelihood that such circumstances might arise is the aim of this investigation and review. These models are rated according to how much privacy they provide, how long it takes from start to finish to transfer data, how much energy they use, and how fast their networks are. In order to maximize privacy while maintaining a high degree of service performance, the comparison will assist network designers and researchers in selecting the optimal models for their particular deployments. Additionally, the author of this book offers a variety of tactics that, when used together, might improve each reader's performance. This study also provides a range of tried-and-true machine learning approaches that networks may take into account and examine in order to enhance their privacy performance

Critical infrastructure protection

Postgraduate seminar series with a title Critical Infrastructure Protection held at the Department of Military Technology of the National Defence University. This book is a collection of some of talks that were presented in the seminar. The papers address threat intelligence, a protection of critical supply chains, cyber security in the management of an electricity company, and privacy preserving data mining. This set of papers tries to give some insight to current issues of the critical infrastructure protection. The seminar has always made a publication of the papers but this has been an internal publication of the Finnish Defence Forces and has not hindered publication of the papers in international conferences. Publication of these papers in peer reviewed conferences has indeed been always the goal of the seminar, since it teaches writing conference level papers. We still hope that an internal publication in the department series is useful to the Finnish Defence Forces by offering an easy access to these papers

KBD-Share: Key Aggregation, Blockchain, and Differential Privacy based Secured Data Sharing for Multi-User Cloud Computing

In today's era of widespread cloud computing and data sharing, the demand for secure and privacy-preserving techniques to facilitate multi-user data sharing is rapidly increasing. However, traditional approaches struggle to effectively address the twin objectives of ensuring privacy protection while preserving the utility of shared data. This predicament holds immense significance due to the pivotal role data sharing plays in diverse domains and applications. However, it also brings about significant privacy vulnerabilities. Consequently, innovative approaches are imperative to achieve a harmonious equilibrium between the utility of shared data and the protection of privacy in scenarios involving multiple users. This paper presents KBD-Share, an innovative framework that addresses the intricacies of ensuring data security and privacy in the context of sharing data among multiple users in cloud computing environments. By seamlessly integrating key aggregation, blockchain technology, and differential privacy techniques, KBD-Share offers an efficient and robust solution to protect sensitive data while facilitating seamless sharing and utilization. Extensive experimental evaluations convincingly establish the superiority of KBD-Share in aspects of data privacy preservation and utility, outperforming existing approaches. This approach achieves the highest R2 value of 0.9969 exhibiting best data utility, essential for multi-user data sharing in diverse cloud computing applications

Protection of data privacy based on artificial intelligence in Cyber-Physical Systems

With the rapid evolution of cyber attack techniques, the security and privacy of Cyber-Physical Systems (CPSs) have become key challenges. CPS environments have several properties that make them unique in efforts to appropriately secure them when compared with the processes, techniques and processes that have evolved for traditional IT networks and platforms. CPS ecosystems are comprised of heterogeneous systems, each with long lifespans. They use multitudes of operating systems and communication protocols and are often designed without security as a consideration. From a privacy perspective, there are also additional challenges. It is hard to capture and filter the heterogeneous data sources of CPSs, especially power systems, as their data should include network traffic and the sensing data of sensors. Protecting such data during the stages of collection, analysis and publication still open the possibility of new cyber threats disrupting the operational loops of power systems. Moreover, while protecting the original data of CPSs, identifying cyberattacks requires intrusion detection that produces high false alarm rates. This thesis significantly contributes to the protection of heterogeneous data sources, along with the high performance of discovering cyber-attacks in CPSs, especially smart power networks (i.e., power systems and their networks). For achieving high data privacy, innovative privacy-preserving techniques based on Artificial Intelligence (AI) are proposed to protect the original and sensitive data generated by CPSs and their networks. For cyber-attack discovery, meanwhile applying privacy-preserving techniques, new anomaly detection algorithms are developed to ensure high performances in terms of data utility and accuracy detection. The first main contribution of this dissertation is the development of a privacy preservation intrusion detection methodology that uses the correlation coefficient, independent component analysis, and Expectation Maximisation (EM) clustering algorithms to select significant data portions and discover cyber attacks against power networks. Before and after applying this technique, machine learning algorithms are used to assess their capabilities to classify normal and suspicious vectors. The second core contribution of this work is the design of a new privacy-preserving anomaly detection technique protecting the confidential information of CPSs and discovering malicious observations. Firstly, a data pre-processing technique filters and transforms data into a new format that accomplishes the aim of preserving privacy. Secondly, an anomaly detection technique using a Gaussian mixture model which fits selected features, and a Kalman filter technique that accurately computes the posterior probabilities of legitimate and anomalous events are employed. The third significant contribution of this thesis is developing a novel privacy-preserving framework for achieving the privacy and security criteria of smart power networks. In the first module, a two-level privacy module is developed, including an enhanced proof of work technique-based blockchain for accomplishing data integrity and a variational autoencoder approach for changing the data to an encoded data format to prevent inference attacks. In the second module, a long short-term memory deep learning algorithm is employed in anomaly detection to train and validate the outputs from the two-level privacy modules