Privacy Preservation & Security Solutions in Blockchain Network

Blockchain has seen exponential progress over the past few years, and today its usage extends well beyond cryptocurrencies. Its features, including openness, transparency, secure communication, difficult falsification, and multi-consensus, have made it one of the most valuable technology in the world. In most open blockchain platforms, any node can access the data on the blockchain, which leads to a potential risk of personal information leakage. So the issue of blockchain privacy and security is particularly prominent and has become an important research topic in the field of blockchain. This dissertation mainly summarizes my research on blockchain privacy and security protection issues throughout recent years. We first summarize the security and privacy vulnerabilities in the mining pools of traditional bitcoin networks and some possible protection measures. We then propose a new type of attack: coin hopping attack, in the case of multiple blockchains under an IoT environment. This attack is only feasible in blockchain-based IoT scenarios, and can significantly reduce the operational efficiency of the entire blockchain network in the long run. We demonstrate the feasibility of this attack by theoretical analysis of four different attack models and propose two possible solutions. We also propose an innovative hybrid blockchain crowdsourcing platform solution to settle the performance bottlenecks and various challenges caused by privacy, scalability, and verification efficiency problems of current blockchain-based crowdsourcing systems. We offer flexible task-based permission control and a zero-knowledge proof mechanism in the implementation of smart contracts to flexibly obtain different levels of privacy protection. By performing several tests on Ethereum and Hyperledger Fabric, EoS.io blockchains, the performance of the proposed platform consensus under different transaction volumes is verified. At last, we also propose further investigation on the topics of the privacy issues when combining AI with blockchain and propose some defense strategies

Vehicle as a Service (VaaS): Leverage Vehicles to Build Service Networks and Capabilities for Smart Cities

Smart cities demand resources for rich immersive sensing, ubiquitous communications, powerful computing, large storage, and high intelligence (SCCSI) to support various kinds of applications, such as public safety, connected and autonomous driving, smart and connected health, and smart living. At the same time, it is widely recognized that vehicles such as autonomous cars, equipped with significantly powerful SCCSI capabilities, will become ubiquitous in future smart cities. By observing the convergence of these two trends, this article advocates the use of vehicles to build a cost-effective service network, called the Vehicle as a Service (VaaS) paradigm, where vehicles empowered with SCCSI capability form a web of mobile servers and communicators to provide SCCSI services in smart cities. Towards this direction, we first examine the potential use cases in smart cities and possible upgrades required for the transition from traditional vehicular ad hoc networks (VANETs) to VaaS. Then, we will introduce the system architecture of the VaaS paradigm and discuss how it can provide SCCSI services in future smart cities, respectively. At last, we identify the open problems of this paradigm and future research directions, including architectural design, service provisioning, incentive design, and security & privacy. We expect that this paper paves the way towards developing a cost-effective and sustainable approach for building smart cities.Comment: 32 pages, 11 figure

Game Theory Based Privacy Protection for Context-Aware Services

In the era of context-aware services, users are enjoying remarkable services based on data collected from a multitude of users. To receive services, they are at risk of leaking private information from adversaries possibly eavesdropping on the data and/or the un--trusted service platform selling off its data. Malicious adversaries may use leaked information to violate users\u27 privacy in unpredictable ways. To protect users\u27 privacy, many algorithms are proposed to protect users\u27 sensitive information by adding noise, thus causing context-aware service quality loss. Game theory has been utilized as a powerful tool to balance the tradeoff between privacy protection level and service quality. However, most of the existing schemes fail to depict the mutual relationship between any two parties involved: user, platform, and adversary. There is also an oversight to formulate the interaction occurring between multiple users, as well as the interaction between any two attributes. To solve these issues, this dissertation firstly proposes a three-party game framework to formulate the mutual interaction between three parties and study the optimal privacy protection level for context-aware services, thus optimize the service quality. Next, this dissertation extends the framework to a multi-user scenario and proposes a two-layer three-party game framework. This makes the proposed framework more realistic by further exploring the interaction, not only between different parties, but also between users. Finally, we focus on analyzing the impact of long-term time-serial data and the active actions of the platform and adversary. To achieve this objective, we design a three-party Stackelberg game model to help the user to decide whether to update information and the granularity of updated information