Efficient classification using parallel and scalable compressed model and Its application on intrusion detection

In order to achieve high efficiency of classification in intrusion detection, a compressed model is proposed in this paper which combines horizontal compression with vertical compression. OneR is utilized as horizontal com-pression for attribute reduction, and affinity propagation is employed as vertical compression to select small representative exemplars from large training data. As to be able to computationally compress the larger volume of training data with scalability, MapReduce based parallelization approach is then implemented and evaluated for each step of the model compression process abovementioned, on which common but efficient classification methods can be directly used. Experimental application study on two publicly available datasets of intrusion detection, KDD99 and CMDC2012, demonstrates that the classification using the compressed model proposed can effectively speed up the detection procedure at up to 184 times, most importantly at the cost of a minimal accuracy difference with less than 1% on average

Privacy Preserving Multi-Server k-means Computation over Horizontally Partitioned Data

The k-means clustering is one of the most popular clustering algorithms in data mining. Recently a lot of research has been concentrated on the algorithm when the dataset is divided into multiple parties or when the dataset is too large to be handled by the data owner. In the latter case, usually some servers are hired to perform the task of clustering. The dataset is divided by the data owner among the servers who together perform the k-means and return the cluster labels to the owner. The major challenge in this method is to prevent the servers from gaining substantial information about the actual data of the owner. Several algorithms have been designed in the past that provide cryptographic solutions to perform privacy preserving k-means. We provide a new method to perform k-means over a large set using multiple servers. Our technique avoids heavy cryptographic computations and instead we use a simple randomization technique to preserve the privacy of the data. The k-means computed has exactly the same efficiency and accuracy as the k-means computed over the original dataset without any randomization. We argue that our algorithm is secure against honest but curious and passive adversary.Comment: 19 pages, 4 tables. International Conference on Information Systems Security. Springer, Cham, 201

Security in Vehicles With IoT by Prioritization Rules, Vehicle Certificates, and Trust Management

[EN] The Internet of Vehicles (IoV) provides new opportunities for the coordination of vehicles for enhancing safety and transportation performance. Vehicles can be coordinated for avoiding collisions by communicating their positions when near to each other, in which the information flow is indexed by their geographical positions or the ones in road maps. Vehicles can also be coordinated to ameliorate traffic jams by sharing their locations and destinations. Vehicles can apply optimization algorithms to reduce the overuse of certain streets without excessively enlarging the paths. In this way, traveling time can be reduced. However, IoV also brings security challenges, such as keeping safe from virtual hijacking. In particular, vehicles should detect and isolate the hijacked vehicles ignoring their communications. The current work presents a technique for enhancing security by applying certain prioritization rules, using digital certificates, and applying trust and reputation policies for detecting hijacked vehicles. We tested the proposed approach with a novel agent-based simulator about security in Internet of Things (IoT) for vehicle-to-vehicle communications. The experiments focused on the scenario of avoidance of collisions with hijacked vehicles misinforming other vehicles. The results showed that the current approach increased the average speed of vehicles with a 64.2% when these are giving way to other vehicles in a crossing by means of IoT.This work was supported by Harvard University (stay funded by T49_17R), University of Zaragoza (JIUZ-2017-TEC-03), Foundation Bancaria Ibercaja, Foundation CAI (IT1/18), University Foundation Antonio Gargallo (call 2017), and "Ministerio de Economia y Competitividad" in the "Programa Estatal de Fomento de la Investigacion Cientifica y Tecnica de Excelencia, Subprograma Estatal de Generacion de Conocimiento" (TIN2017-84802-C2-1-P).García-Magariño, I.; Sendra, S.; Lacuesta, R.; Lloret, J. (2019). Security in Vehicles With IoT by Prioritization Rules, Vehicle Certificates, and Trust Management. IEEE Internet of Things. 6(4):5927-5934. https://doi.org/10.1109/JIOT.2018.2871255S592759346

Try to Avoid Attacks: A Federated Data Sanitization Defense for Healthcare IoMT Systems

Healthcare IoMT systems are becoming intelligent, miniaturized, and more integrated into daily life. As for the distributed devices in the IoMT, federated learning has become a topical area with cloud-based training procedures when meeting data security. However, the distribution of IoMT has the risk of protection from data poisoning attacks. Poisoned data can be fabricated by falsifying medical data, which urges a security defense to IoMT systems. Due to the lack of specific labels, the filtering of malicious data is a unique unsupervised scenario. One of the main challenges is finding robust data filtering methods for various poisoning attacks. This paper introduces a Federated Data Sanitization Defense, a novel approach to protect the system from data poisoning attacks. To solve this unsupervised problem, we first use federated learning to project all the data to the subspace domain, allowing unified feature mapping to be established since the data is stored locally. Then we adopt the federated clustering to re-group their features to clarify the poisoned data. The clustering is based on the consistent association of data and its semantics. After we get the clustering of the private data, we do the data sanitization with a simple yet efficient strategy. In the end, each device of distributed ImOT is enabled to filter malicious data according to federated data sanitization. Extensive experiments are conducted to evaluate the efficacy of the proposed defense method against data poisoning attacks. Further, we consider our approach in the different poisoning ratios and achieve a high Accuracy and a low attack success rate