Security and Privacy Preservation in Mobile Crowdsensing

Mobile crowdsensing (MCS) is a compelling paradigm that enables a crowd of individuals to cooperatively collect and share data to measure phenomena or record events of common interest using their mobile devices. Pairing with inherent mobility and intelligence, mobile users can collect, produce and upload large amounts of data to service providers based on crowdsensing tasks released by customers, ranging from general information, such as temperature, air quality and traffic condition, to more specialized data, such as recommended places, health condition and voting intentions. Compared with traditional sensor networks, MCS can support large-scale sensing applications, improve sensing data trustworthiness and reduce the cost on deploying expensive hardware or software to acquire high-quality data. Despite the appealing benefits, however, MCS is also confronted with a variety of security and privacy threats, which would impede its rapid development. Due to their own incentives and vulnerabilities of service providers, data security and user privacy are being put at risk. The corruption of sensing reports may directly affect crowdsensing results, and thereby mislead customers to make irrational decisions. Moreover, the content of crowdsensing tasks may expose the intention of customers, and the sensing reports might inadvertently reveal sensitive information about mobile users. Data encryption and anonymization techniques can provide straightforward solutions for data security and user privacy, but there are several issues, which are of significantly importance to make MCS practical. First of all, to enhance data trustworthiness, service providers need to recruit mobile users based on their personal information, such as preferences, mobility pattern and reputation, resulting in the privacy exposure to service providers. Secondly, it is inevitable to have replicate data in crowdsensing reports, which may possess large communication bandwidth, but traditional data encryption makes replicate data detection and deletion challenging. Thirdly, crowdsensed data analysis is essential to generate crowdsensing reports in MCS, but the correctness of crowdsensing results in the absence of malicious mobile users and service providers become a huge concern for customers. Finally yet importantly, even if user privacy is preserved during task allocation and data collection, it may still be exposed during reward distribution. It further discourage mobile users from task participation. In this thesis, we explore the approaches to resolve these challenges in MCS. Based on the architecture of MCS, we conduct our research with the focus on security and privacy protection without sacrificing data quality and users' enthusiasm. Specifically, the main contributions are, i) to enable privacy preservation and task allocation, we propose SPOON, a strong privacy-preserving mobile crowdsensing scheme supporting accurate task allocation. In SPOON, the service provider recruits mobile users based on their locations, and selects proper sensing reports according to their trust levels without invading user privacy. By utilizing the blind signature, sensing tasks are protected and reports are anonymized. In addition, a privacy-preserving credit management mechanism is introduced to achieve decentralized trust management and secure credit proof for mobile users; ii) to improve communication efficiency while guaranteeing data confidentiality, we propose a fog-assisted secure data deduplication scheme, in which a BLS-oblivious pseudo-random function is developed to enable fog nodes to detect and delete replicate data in sensing reports without exposing the content of reports. Considering the privacy leakages of mobile users who report the same data, the blind signature is utilized to hide users' identities, and chameleon hash function is leveraged to achieve contribution claim and reward retrieval for anonymous greedy mobile users; iii) to achieve data statistics with privacy preservation, we propose a privacy-preserving data statistics scheme to achieve end-to-end security and integrity protection, while enabling the aggregation of the collected data from multiple sources. The correctness verification is supported to prevent the corruption of the aggregate results during data transmission based on the homomorphic authenticator and the proxy re-signature. A privacy-preserving verifiable linear statistics mechanism is developed to realize the linear aggregation of multiple crowdsensed data from a same device and the verification on the correctness of aggregate results; and iv) to encourage mobile users to participating in sensing tasks, we propose a dual-anonymous reward distribution scheme to offer the incentive for mobile users and privacy protection for both customers and mobile users in MCS. Based on the dividable cash, a new reward sharing incentive mechanism is developed to encourage mobile users to participating in sensing tasks, and the randomization technique is leveraged to protect the identities of customers and mobile users during reward claim, distribution and deposit

Efficient and Privacy-Preserving Data Aggregation and Dynamic Billing in Smart Grid Metering Networks

The smart grid enables convenient data collection between smart meters and operation centers via data concentrators. However, it presents security and privacy issues for the customer. For instance, a malicious data concentrator cannot only use consumption data for malicious purposes but also can reveal life patterns of the customers. Recently, several methods in different groups (e.g., secure data aggregation, etc.) have been proposed to collect the consumption usage in a privacy-preserving manner. Nevertheless, most of the schemes either introduce computational complexities in data aggregation or fail to support privacy-preserving billing against the internal adversaries (e.g., malicious data concentrators). In this paper, we propose an efficient and privacy-preserving data aggregation scheme that supports dynamic billing and provides security against internal adversaries in the smart grid. The proposed scheme actively includes the customer in the registration process, leading to end-to-end secure data aggregation, together with accurate and dynamic billing offering privacy protection. Compared with the related work, the scheme provides a balanced trade-off between security and efficacy (i.e., low communication and computation overhead while providing robust security)

Security protocols suite for machine-to-machine systems

Nowadays, the great diffusion of advanced devices, such as smart-phones, has shown that there is a growing trend to rely on new technologies to generate and/or support progress; the society is clearly ready to trust on next-generation communication systems to face today’s concerns on economic and social fields. The reason for this sociological change is represented by the fact that the technologies have been open to all users, even if the latter do not necessarily have a specific knowledge in this field, and therefore the introduction of new user-friendly applications has now appeared as a business opportunity and a key factor to increase the general cohesion among all citizens. Within the actors of this technological evolution, wireless machine-to-machine (M2M) networks are becoming of great importance. These wireless networks are made up of interconnected low-power devices that are able to provide a great variety of services with little or even no user intervention. Examples of these services can be fleet management, fire detection, utilities consumption (water and energy distribution, etc.) or patients monitoring. However, since any arising technology goes together with its security threats, which have to be faced, further studies are necessary to secure wireless M2M technology. In this context, main threats are those related to attacks to the services availability and to the privacy of both the subscribers’ and the services providers’ data. Taking into account the often limited resources of the M2M devices at the hardware level, ensuring the availability and privacy requirements in the range of M2M applications while minimizing the waste of valuable resources is even more challenging. Based on the above facts, this Ph. D. thesis is aimed at providing efficient security solutions for wireless M2M networks that effectively reduce energy consumption of the network while not affecting the overall security services of the system. With this goal, we first propose a coherent taxonomy of M2M network that allows us to identify which security topics deserve special attention and which entities or specific services are particularly threatened. Second, we define an efficient, secure-data aggregation scheme that is able to increase the network lifetime by optimizing the energy consumption of the devices. Third, we propose a novel physical authenticator or frame checker that minimizes the communication costs in wireless channels and that successfully faces exhaustion attacks. Fourth, we study specific aspects of typical key management schemes to provide a novel protocol which ensures the distribution of secret keys for all the cryptographic methods used in this system. Fifth, we describe the collaboration with the WAVE2M community in order to define a proper frame format actually able to support the necessary security services, including the ones that we have already proposed; WAVE2M was funded to promote the global use of an emerging wireless communication technology for ultra-low and long-range services. And finally sixth, we provide with an accurate analysis of privacy solutions that actually fit M2M-networks services’ requirements. All the analyses along this thesis are corroborated by simulations that confirm significant improvements in terms of efficiency while supporting the necessary security requirements for M2M networks

Smart Grid Metering Networks: A Survey on Security, Privacy and Open Research Issues

Smart grid (SG) networks are newly upgraded networks of connected objects that greatly improve reliability, efficiency and sustainability of the traditional energy infrastructure. In this respect, the smart metering infrastructure (SMI) plays an important role in controlling, monitoring and managing multiple domains in the SG. Despite the salient features of SMI, security and privacy issues have been under debate because of the large number of heterogeneous devices that are anticipated to be coordinated through public communication networks. This survey paper shows a brief overview of real cyber attack incidents in traditional energy networks and those targeting the smart metering network. Specifically, we present a threat taxonomy considering: (i) threats in system-level security, (ii) threats and/or theft of services, and (iii) threats to privacy. Based on the presented threats, we derive a set of security and privacy requirements for SG metering networks. Furthermore, we discuss various schemes that have been proposed to address these threats, considering the pros and cons of each. Finally, we investigate the open research issues to shed new light on future research directions in smart grid metering networks

New Waves of IoT Technologies Research – Transcending Intelligence and Senses at the Edge to Create Multi Experience Environments

The next wave of Internet of Things (IoT) and Industrial Internet of Things (IIoT) brings new technological developments that incorporate radical advances in Artificial Intelligence (AI), edge computing processing, new sensing capabilities, more security protection and autonomous functions accelerating progress towards the ability for IoT systems to self-develop, self-maintain and self-optimise. The emergence of hyper autonomous IoT applications with enhanced sensing, distributed intelligence, edge processing and connectivity, combined with human augmentation, has the potential to power the transformation and optimisation of industrial sectors and to change the innovation landscape. This chapter is reviewing the most recent advances in the next wave of the IoT by looking not only at the technology enabling the IoT but also at the platforms and smart data aspects that will bring intelligence, sustainability, dependability, autonomy, and will support human-centric solutions.acceptedVersio

Towards more Effective Censorship Resistance Systems

Internet censorship resistance systems (CRSs) have so far been designed in an ad-hoc manner. The fundamentals are unclear and the foundations are shaky. Censors are, more and more, able to take advantage of this situation. Future censorship resistance systems ought to be built from strong theoretical underpinnings and be based on empirical evidence. Our approach is based on systematizing the CRS field and its players. Informed by this systematization we develop frameworks that have broad scope, from which we gain general insight as well as answers to specific questions. We develop theoretical and simulation-based analysis tools 1) for learning how to manipulate censor behavior using game-theoretic tactics, 2) for learning about CRS-client activity levels on CRS networks, and finally 3) for evaluating security parameters in CRS designs. We learn that there are gaps in the CRS designer's arsenal: certain censor attacks go unmitigated and the dynamics of the censorship arms race are not modeled. Our game-theoretic analysis highlights how managing the base rate of CRS traffic can cause stable equilibriums where the censor allows some amount of CRS communication to occur. We design and deploy a privacy-preserving data gathering tool, and use it to collect statistics to help answer questions about the prevalence of CRS-related traffic in actual CRS communication networks. Finally, our security evaluation of a popular CRS exposes suboptimal settings, which have since been optimized according to our recommendations. All of these contributions help support the thesis that more formal and empirically driven CRS designs can have better outcomes than the current state of the art

Privacidade em comunicações de dados para ambientes contextualizados

Doutoramento em InformáticaInternet users consume online targeted advertising based on information collected about them and voluntarily share personal information in social networks. Sensor information and data from smart-phones is collected and used by applications, sometimes in unclear ways. As it happens today with smartphones, in the near future sensors will be shipped in all types of connected devices, enabling ubiquitous information gathering from the physical environment, enabling the vision of Ambient Intelligence. The value of gathered data, if not obvious, can be harnessed through data mining techniques and put to use by enabling personalized and tailored services as well as business intelligence practices, fueling the digital economy. However, the ever-expanding information gathering and use undermines the privacy conceptions of the past. Natural social practices of managing privacy in daily relations are overridden by socially-awkward communication tools, service providers struggle with security issues resulting in harmful data leaks, governments use mass surveillance techniques, the incentives of the digital economy threaten consumer privacy, and the advancement of consumergrade data-gathering technology enables new inter-personal abuses. A wide range of fields attempts to address technology-related privacy problems, however they vary immensely in terms of assumptions, scope and approach. Privacy of future use cases is typically handled vertically, instead of building upon previous work that can be re-contextualized, while current privacy problems are typically addressed per type in a more focused way. Because significant effort was required to make sense of the relations and structure of privacy-related work, this thesis attempts to transmit a structured view of it. It is multi-disciplinary - from cryptography to economics, including distributed systems and information theory - and addresses privacy issues of different natures. As existing work is framed and discussed, the contributions to the state-of-theart done in the scope of this thesis are presented. The contributions add to five distinct areas: 1) identity in distributed systems; 2) future context-aware services; 3) event-based context management; 4) low-latency information flow control; 5) high-dimensional dataset anonymity. Finally, having laid out such landscape of the privacy-preserving work, the current and future privacy challenges are discussed, considering not only technical but also socio-economic perspectives.Quem usa a Internet vê publicidade direccionada com base nos seus hábitos de navegação, e provavelmente partilha voluntariamente informação pessoal em redes sociais. A informação disponível nos novos telemóveis é amplamente acedida e utilizada por aplicações móveis, por vezes sem razões claras para isso. Tal como acontece hoje com os telemóveis, no futuro muitos tipos de dispositivos elecónicos incluirão sensores que permitirão captar dados do ambiente, possibilitando o surgimento de ambientes inteligentes. O valor dos dados captados, se não for óbvio, pode ser derivado através de técnicas de análise de dados e usado para fornecer serviços personalizados e definir estratégias de negócio, fomentando a economia digital. No entanto estas práticas de recolha de informação criam novas questões de privacidade. As práticas naturais de relações inter-pessoais são dificultadas por novos meios de comunicação que não as contemplam, os problemas de segurança de informação sucedem-se, os estados vigiam os seus cidadãos, a economia digital leva á monitorização dos consumidores, e as capacidades de captação e gravação dos novos dispositivos eletrónicos podem ser usadas abusivamente pelos próprios utilizadores contra outras pessoas. Um grande número de áreas científicas focam problemas de privacidade relacionados com tecnologia, no entanto fazem-no de maneiras diferentes e assumindo pontos de partida distintos. A privacidade de novos cenários é tipicamente tratada verticalmente, em vez de re-contextualizar trabalho existente, enquanto os problemas actuais são tratados de uma forma mais focada. Devido a este fraccionamento no trabalho existente, um exercício muito relevante foi a sua estruturação no âmbito desta tese. O trabalho identificado é multi-disciplinar - da criptografia à economia, incluindo sistemas distribuídos e teoria da informação - e trata de problemas de privacidade de naturezas diferentes. À medida que o trabalho existente é apresentado, as contribuições feitas por esta tese são discutidas. Estas enquadram-se em cinco áreas distintas: 1) identidade em sistemas distribuídos; 2) serviços contextualizados; 3) gestão orientada a eventos de informação de contexto; 4) controlo de fluxo de informação com latência baixa; 5) bases de dados de recomendação anónimas. Tendo descrito o trabalho existente em privacidade, os desafios actuais e futuros da privacidade são discutidos considerando também perspectivas socio-económicas