8,798 research outputs found
Enabling Strong Privacy Preservation and Accurate Task Allocation for Mobile Crowdsensing
Mobile crowdsensing engages a crowd of individuals to use their mobile
devices to cooperatively collect data about social events and phenomena for
special interest customers. It can reduce the cost on sensor deployment and
improve data quality with human intelligence. To enhance data trustworthiness,
it is critical for service provider to recruit mobile users based on their
personal features, e.g., mobility pattern and reputation, but it leads to the
privacy leakage of mobile users. Therefore, how to resolve the contradiction
between user privacy and task allocation is challenging in mobile crowdsensing.
In this paper, we propose SPOON, a strong privacy-preserving mobile
crowdsensing scheme supporting accurate task allocation from geographic
information and credit points of mobile users. In SPOON, the service provider
enables to recruit mobile users based on their locations, and select proper
sensing reports according to their trust levels without invading user privacy.
By utilizing proxy re-encryption and BBS+ signature, sensing tasks are
protected and reports are anonymized to prevent privacy leakage. In addition, a
privacy-preserving credit management mechanism is introduced to achieve
decentralized trust management and secure credit proof for mobile users.
Finally, we show the security properties of SPOON and demonstrate its
efficiency on computation and communication.Comment: This paper has been submitted to IEEE TM
EPDA: Enhancing Privacy-Preserving Data Authentication for Mobile Crowd Sensing
As a popular application, mobile crowd sensing systems aim at providing more
convenient service via the swarm intelligence. With the popularity of
sensor-embedded smart phones and intelligent wearable devices, mobile crowd
sensing is becoming an efficient way to obtain various types of sensing data
from individuals, which will make people's life more convenient. However,
mobile crowd sensing systems today are facing a critical challenge, namely the
privacy leakage of the sensitive information and valuable data, which can raise
grave concerns among the participants. To address this issue, we propose an
enhanced secure certificateless privacy-preserving verifiable data
authentication scheme for mobile crowd sensing, named EPDA. The proposed scheme
provides unconditional anonymous data authentication service for mobile crowd
sensing, by deploying an improved certificateless ring signature as the
cryptogram essential, in which the big sensing data should be signed by one of
legitimate members in a specific group and could be verified without exposing
the actual identity of the participant. The formal security proof demonstrates
that EPDA is secure against existential forgery under adaptive chosen message
and identity attacks in random oracle model. Finally, extensive simulations are
conducted. The results show that the proposed EPDA efficiently decreases
computational cost and time consumption in the sensing data authentication
process
Extended Capabilities for a Privacy-Enhanced Participatory Sensing Infrastructure (PEPSI)
Participatory sensing is emerging as an innovative computing paradigm that
targets the ubiquity of always-connected mobile phones and their sensing
capabilities. In this context, a multitude of pioneering applications
increasingly carry out pervasive collection and dissemination of information
and environmental data, such as, traffic conditions, pollution, temperature,
etc. Participants collect and report measurements from their mobile devices and
entrust them to the cloud to be made available to applications and users.
Naturally, due to the personal information associated to the reports (e.g.,
location, movements, etc.), a number of privacy concerns need to be taken into
account prior to a large-scale deployment of these applications. Motivated by
the need for privacy protection in Participatory Sensing, this work presents
PEPSI: a Privacy-Enhanced Participatory Sensing Infrastructure. We explore
realistic architectural assumptions and a minimal set of formal requirements
aiming at protecting privacy of both data producers and consumers. We propose
two instantiations that attain privacy guarantees with provable security at
very low additional computational cost and almost no extra communication
overhead.Comment: A preliminary version of this article, titled "PEPSI:
Privacy-Enhanced Participatory Sensing Infrastructure", appears in the
Proceedings of the 4th ACM Conference on Wireless Security (WiSec 2011). This
is the extended (journal) version, currently in revisio
Understanding Security Requirements and Challenges in Internet of Things (IoTs): A Review
Internet of Things (IoT) is realized by the idea of free flow of information
amongst various low power embedded devices that use Internet to communicate
with one another. It is predicted that the IoT will be widely deployed and it
will find applicability in various domains of life. Demands of IoT have lately
attracted huge attention and organizations are excited about the business value
of the data that will be generated by the IoT paradigm. On the other hand, IoT
have various security and privacy concerns for the end users that limit its
proliferation. In this paper we have identified, categorized and discussed
various security challenges and state of the art efforts to resolve these
challenges
Secure Mobile Crowdsensing with Deep Learning
In order to stimulate secure sensing for Internet of Things (IoT)
applications such as healthcare and traffic monitoring, mobile crowdsensing
(MCS) systems have to address security threats, such as jamming, spoofing and
faked sensing attacks, during both the sensing and the information exchange
processes in large-scale dynamic and heterogenous networks. In this article, we
investigate secure mobile crowdsensing and present how to use deep learning
(DL) methods such as stacked autoencoder (SAE), deep neural network (DNN), and
convolutional neural network (CNN) to improve the MCS security approaches
including authentication, privacy protection, faked sensing countermeasures,
intrusion detection and anti-jamming transmissions in MCS. We discuss the
performance gain of these DL-based approaches compared with traditional
security schemes and identify the challenges that need to be addressed to
implement them in practical MCS systems.Comment: 7 pages, 5 figure
Preserving the Location Privacy of Secondary Users in Cooperative Spectrum Sensing
Cooperative spectrum sensing, despite its effectiveness in enabling dynamic
spectrum access, suffers from location privacy threats, merely because
secondary users (SUs)' sensing reports that need to be shared with a fusion
center to make spectrum availability decisions are highly correlated to the
users' locations. It is therefore important that cooperative spectrum sensing
schemes be empowered with privacy preserving capabilities so as to provide SUs
with incentives for participating in the sensing task. In this paper, we
propose privacy preserving protocols that make use of various cryptographic
mechanisms to preserve the location privacy of SUs while performing reliable
and efficient spectrum sensing. We also present cost-performance tradeoffs. The
first consists on using an additional architectural entity at the benefit of
incurring lower computation overhead by relying only on symmetric cryptography.
The second consists on using an additional secure comparison protocol at the
benefit of incurring lesser architectural cost by not requiring extra entities.
Our schemes can also adapt to the case of a malicious fusion center as we
discuss in this paper. We also show that not only are our proposed schemes
secure and more efficient than existing alternatives, but also achieve fault
tolerance and are robust against sporadic network topological changes.Comment: Published in IEEE Transactions on Information Forensics and Security,
14 pages, 7 figure
Security and Privacy Challenges in Cognitive Wireless Sensor Networks
Wireless sensor networks (WSNs) have attracted a lot of interest in the
research community due to their potential applicability in a wide range of
real-world practical applications. However, due to the distributed nature and
their deployments in critical applications without human interventions and
sensitivity and criticality of data communicated, these networks are vulnerable
to numerous security and privacy threats that can adversely affect their
performance. These issues become even more critical in cognitive wireless
sensor networks (CWSNs) in which the sensor nodes have the capabilities of
changing their transmission and reception parameters according to the radio
environment under which they operate in order to achieve reliable and efficient
communication and optimum utilization of the network resources. This chapter
presents a comprehensive discussion on the security and privacy issues in CWSNs
by identifying various security threats in these networks and various defense
mechanisms to counter these vulnerabilities. Various types of attacks on CWSNs
are categorized under different classes based on their natures and targets, and
corresponding to each attack class, appropriate security mechanisms are also
discussed. Some critical research issues on security and privacy in CWSNs are
also identified.Comment: 36 pages, 4 figures, 2 tables. The book chapter is accepted for
publication in 201
General Privacy-Preserving Verifiable Incentive Mechanism for Crowdsourcing Markets
In crowdsourcing markets, there are two different type jobs, i.e. homogeneous
jobs and heterogeneous jobs, which need to be allocated to workers. Incentive
mechanisms are essential to attract extensive user participating for achieving
good service quality, especially under a given budget constraint condition. To
this end, recently, Singer et al. propose a novel class of auction mechanisms
for determining near-optimal prices of tasks for crowdsourcing markets
constrained by the given budget. Their mechanisms are very useful to motivate
extensive user to truthfully participate in crowdsourcing markets. Although
they are so important, there still exist many security and privacy challenges
in real-life environments. In this paper, we present a general
privacy-preserving verifiable incentive mechanism for crowdsourcing markets
with the budget constraint, not only to exploit how to protect the bids and
assignments' privacy, and the chosen winners' privacy in crowdsourcing markets
with homogeneous jobs and heterogeneous jobs and identity privacy from users,
but also to make the verifiable payment between the platform and users for
crowdsourcing applications. Results show that our general privacy-preserving
verifiable incentive mechanisms achieve the same results as the generic one
without privacy preservation.Comment: This paper has been withdrawn by the author due to a crucial sign
error in equation 1 and Figure
SecureFind: Secure and Privacy-Preserving Object Finding via Mobile Crowdsourcing
The plummeting cost of Bluetooth tags and the ubiquity of mobile devices are
revolutionizing the traditional lost-and-found service. This paper presents
SecureFind, a secure and privacy-preserving object-finding system via mobile
crowdsourcing. In SecureFind, a unique Bluetooth tag is attached to every
valuable object, and the owner of a lost object submits an object-finding
request to many mobile users via the SecureFind service provider. Each mobile
user involved searches his vicinity for the lost object on behalf of the object
owner who can infer the location of his lost object based on the responses from
mobile users. SecureFind is designed to ensure strong object security such that
only the object owner can discover the location of his lost object as well as
offering strong location privacy to mobile users involved. The high efficacy
and efficiency of SecureFind are confirmed by extensive simulations
Preserving Location Privacy in Mobile Edge Computing
The burgeoning technology of Mobile Edge Computing is attracting the
traditional LBS and LS to deploy due to its nature characters such as low
latency and location awareness. Although this transplant will avoid the
location privacy threat from the central cloud provider, there still exists the
privacy concerns in the LS of MEC scenario. Location privacy threat arises
during the procedure of the fingerprint localization, and the previous studies
on location privacy are ineffective because of the different threat model and
information semantic. To address the location privacy in MEC environment, we
designed LoPEC, a novel and effective scheme for protecting location privacy
for the MEC devices. By the proper model of the RAN access points, we proposed
the noise-addition method for the fingerprint data, and successfully induce the
attacker from recognizing the real location. Our evaluation proves that LoPEC
effectively prevents the attacker from obtaining the user's location precisely
in both single-point and trajectory scenarios
- …