Efficient privacy-preserving facial expression classification

This paper proposes an efficient algorithm to perform privacy-preserving (PP) facial expression classification (FEC) in the client-server model. The server holds a database and offers the classification service to the clients. The client uses the service to classify the facial expression (FaE) of subject. It should be noted that the client and server are mutually untrusted parties and they want to perform the classification without revealing their inputs to each other. In contrast to the existing works, which rely on computationally expensive cryptographic operations, this paper proposes a lightweight algorithm based on the randomization technique. The proposed algorithm is validated using the widely used JAFFE and MUG FaE databases. Experimental results demonstrate that the proposed algorithm does not degrade the performance compared to existing works. However, it preserves the privacy of inputs while improving the computational complexity by 120 times and communication complexity by 31 percent against the existing homomorphic cryptography based approach

User collusion avoidance scheme for privacy-preserving decentralized key-policy attribute-based encryption

Decentralized attribute-based encryption (ABE) is a variant of multi-authority based ABE whereby any attribute authority (AA) can independently join and leave the system without collaborating with the existing AAs. In this paper, we propose a user collusion avoidance scheme which preserves the user's privacy when they interact with multiple authorities to obtain decryption credentials. The proposed scheme mitigates the well-known user collusion security vulnerability found in previous schemes. We show that our scheme relies on the standard complexity assumption (decisional bilienar Deffie-Hellman assumption). This is contrast to previous schemes which relies on non-standard assumption (q-decisional Diffie-Hellman inversion)

Privacy-preserving iVector-based speaker verification

This work introduces an efficient algorithm to develop a privacy-preserving (PP) voice verification based on iVector and linear discriminant analysis techniques. This research considers a scenario in which users enrol their voice biometric to access different services (i.e., banking). Once enrolment is completed, users can verify themselves using their voice-print instead of alphanumeric passwords. Since a voice-print is unique for everyone, storing it with a third-party server raises several privacy concerns. To address this challenge, this work proposes a novel technique based on randomisation to carry out voice authentication, which allows the user to enrol and verify their voice in the randomised domain. To achieve this, the iVector based voice verification technique has been redesigned to work on the randomised domain. The proposed algorithm is validated using a well known speech dataset. The proposed algorithm neither compromises the authentication accuracy nor adds additional complexity due to the randomisation operations

Privacy-preserving clinical decision support system using gaussian kernel-based classification

A clinical decision support system forms a critical capability to link health observations with health knowledge to influence choices by clinicians for improved healthcare. Recent trends toward remote outsourcing can be exploited to provide efficient and accurate clinical decision support in healthcare. In this scenario, clinicians can use the health knowledge located in remote servers via the Internet to diagnose their patients. However, the fact that these servers are third party and therefore potentially not fully trusted raises possible privacy concerns. In this paper, we propose a novel privacy-preserving protocol for a clinical decision support system where the patients' data always remain in an encrypted form during the diagnosis process. Hence, the server involved in the diagnosis process is not able to learn any extra knowledge about the patient's data and results. Our experimental results on popular medical datasets from UCI-database demonstrate that the accuracy of the proposed protocol is up to 97.21% and the privacy of patient data is not compromised

Blockchain-based distributive auction for relay-assisted secure communications

Physical layer security (PLS) is considered as a promising technique to prevent information eavesdropping in wireless systems. In this context, cooperative relaying has emerged as a robust solution for achieving PLS due to multipath diversity and relatively lower transmission power. However, relays or the relay operators in the practical environment are unwilling for service provisioning unless they are incentivized for their cost of services. Thus, it is required to jointly consider network economics and relay cooperation to improve system efficiency. In this paper, we consider the problem of joint network economics and PLS using cooperative relaying and jamming. Based on the double auction theory, we model the interaction between transmitters seeking for a particular level of secure transmission of information and relay operators for suitable relay and jammer assignment, in a multiple source-destination networks. In addition, theoretical analyses are presented to justify that the proposed auction mechanism satisfies the desirable economic properties of individual rationality, budget balance, and truthfulness. As the participants in the traditional centralized auction framework may take selfish actions or collude with each other, we propose a decentralized and trustless auction framework based on blockchain technology. In particular, we exploit the smart contract feature of blockchain to construct a completely autonomous framework, where all the participants are financially enforced by smart contract terms. The security properties of the proposed framework are also discussed

A survey: Security, transparency, and scalability issues of NFT’s and its marketplaces

Non-fungible Tokens (NFTs) are ownership records stored on a blockchain, and they are typically digital items such as photos and videos. In many ways, an NFT is like a conventional proof-of-purchase document, such as a paper invoice or an electronic receipt. NFTs are attractive among other things because of verifiability; each sale is recorded as a blockchain transaction, allowing ownership to be tracked. Also, NFTs can be used to transfer digital assets between two mutually distrusting parties, since both the crypto payment and the asset transfer take place in one transaction. With NFTs, all marketplaces can freely trade with the help of decentralized applications (DApps). It is currently estimated that there are over 245 NFT marketplaces (NFTM) listed with over 1000 blockchains as of August 2022 with 68 million blockchain wallet users. With the expansion of markets, they must face challenges and issues. The objective of this review is to study the market dynamics of NFT ecosystems. It also focuses on technical components that enable NFTs and their marketplace. The review provides a deeper understanding of its components, how they are related, and why they are important. The paper analyses the challenges faced by NFTs and marketplaces in terms of security, transparency, scalability, and the consequences leading to these issues and how they will address them, as well as future opportunities

Blockchain for doping control applications in sports: a conceptual approach

Doping is a well-known problem in competitive sports. Along the years, several cases have come to public, evidencing corrupt practices from within the sports environment. To guarantee fair play and prevent public health issues, anti-doping organizations and sports authorities are expected to cooperate in the fight against doping. To achieve this mission, doping-related data must be produced, stored, accessed, and shared in a secure, tamperproof, and privacy-preserving manner. This paper investigates the processes and tools established by the World Anti-Doping Agency for the global harmonization of doping control activities. From this investigation, it is possible to conclude that there is an inherent trust problem, in part due to a centralized data management paradigm and to the lack of fully digitalized processes. Therefore, this paper presents two main contributions: the concept of a multiorganizational decentralized data governance model and a blockchain-based design for one of the most sensitive data-sharing processes within the anti-doping ecosystem. Throughout this article, it is shown that the adoption of a permissioned blockchain can benefit the whole anti-doping community, creating more reliable processes for handling data, where privacy and security are enhanced

FAST DATA: a fair, secure and trusted decentralized IIoT data marketplace enabled by blockchain

As the world calls it, data is the new oil. With vast installments of Industrial Internet-of-Things (IIoT) infrastructure, data is produced at a rate like never before. Similarly, artificial intelligence (AI) and machine learning (ML) solutions are getting integrated to numerous services, making them "smarter". However, the data remains fragmented in individual organizational silos inhibiting data value extraction to it’s full potential. Digital marketplaces are emerging to allow data owners to monetize this data. Yet concerns like privacy, security and unfair payment settlement deter adoption of such platforms. In addition, the state-of-the-art platforms are under the control of large multinational corporations with no transparency between buyer and seller in terms of payment details, listing, data discovery and storage. In this work, a novel decentralized platform of digital data marketplace for IoT data has been proposed. The platform leverages a decentralized data streaming network to host IoT data in a reliable and fault tolerant manner. The platform ensures fair trading, data storage and delivery in a privacy preserving manner and trust metric calculation for actors in the network. In order to study the feasibility of the proposed platform, an open source library is developed using Hyperledger Fabric and data network layer built on VerneMQ, the library is deployed on a real-time Google cloud platform. The library is tested and results are analysed for throughput, overheads and scalability

In-app activity recognition from Wi-Fi encrypted traffic

In today’s world mobile applications have been widely used, which bring great convenience to people’s lives. However, at the same time user privacy is potentially threatened. This paper shows that a passive eavesdropper can identify fine grained user activities (known as in-app activities) by analysing encrypted traffic collected by sniffing a wireless network. Even though encryption protocols are used to secure communications over the Internet, side channel data such as frame length, inter arrival time and direction are still leaked from encrypted traffic. To identify in-app activities from this side channel data machine learning techniques are used. Furthermore, we show that just by observing only a small subset of encrypted traffic (rather than observing the entire transaction), one can identify in-app activities accurately. The proposed solution was evaluated with 51 in-app activities from three popular social networking apps and obtained high detection accuracy, 95.4% when Bayes Net algorithm is used

User mobile app encrypted activity detection

Mobile users install different types of applications on their mobile devices based on their interests and needs and perform various activities on them (known as in-app activities). In this paper, we demonstrate that a passive eavesdropper can identify fine grained in-app activities by analysing encrypted network traffic information obtained by sniffing a Wireless Local Area Network (WLAN). Even though encryption protocols are used to provide security over Internet communications, side channel data is still leaked from encrypted traffic. We utilise this data (frame length, inter arrival time and direction) to identify the in-app activities. Further as a first study of its kind, we show that it is possible to identify in-app activities accurately by observing a very small subset of traffic, rather than observing the entire transaction of an activity as presented in existing literature. To reach these observations, we evaluated 51 in-app activities from three popular social networking apps and identified more than 85% of them correctly using the Bayes Net machine learning algorithm