In the given technology-driven era, smart cities are the next frontier of technology, aiming at improving the quality of people's lives. Many research works focus on future smart cities with a holistic approach towards smart city development. In this paper, we introduce such future smart cities that leverage blockchain technology in areas like data security, energy and waste management, governance, transport, supply chain, including emergency events, and environmental monitoring. Blockchain, being a decentralized immutable ledger, has the potential to promote the development of smart cities by guaranteeing transparency, data security, interoperability, and privacy. Particularly, using blockchain in emergency events will provide interoperability between many parties involved in the response, will increase timeliness of services, and establish transparency. In that case, if a current fee-based or first-come-first-serve-based processing is used, emergency events may get delayed in being processed due to competition, and thus, threatening people's lives. Thus, there is a need for transaction prioritization based on the priority of information and quick creation of blocks (variable interval block creation mechanism). Also, since the leaders ensure transaction prioritization while generating blocks, leader rotation and proper election procedure become important for the transaction prioritization process to take place honestly and efficiently. In our consensus protocol, we deploy a machine learning (ML) algorithm to achieve efficient leader election and design a novel dynamic block creation algorithm. Also, to ensure honest assessment from the followers on the blocks generated by the leaders, a peer-prediction-based verification mechanism is proposed. Both security analysis and simulation experiments are carried out to demonstrate the robustness and accuracy of our proposed scheme.
相關內容
智慧(hui)(hui)城(cheng)(cheng)(cheng)(cheng)市(shi)(shi)(shi)(英語:Smart City)是(shi)指(zhi)利用各種信(xin)息技(ji)術(shu)或創(chuang)(chuang)(chuang)(chuang)新(xin)(xin)意念,集成(cheng)城(cheng)(cheng)(cheng)(cheng)市(shi)(shi)(shi)的(de)(de)(de)組成(cheng)系統和(he)服務,以提升資源運用的(de)(de)(de)效率,優化(hua)(hua)(hua)城(cheng)(cheng)(cheng)(cheng)市(shi)(shi)(shi)管(guan)理(li)和(he)服務,以及改善市(shi)(shi)(shi)民生活質(zhi)量(liang)。智慧(hui)(hui)城(cheng)(cheng)(cheng)(cheng)市(shi)(shi)(shi)把新(xin)(xin)一(yi)(yi)(yi)代(dai)信(xin)息技(ji)術(shu)充分運用在城(cheng)(cheng)(cheng)(cheng)市(shi)(shi)(shi)的(de)(de)(de)各行各業之中(zhong)的(de)(de)(de)基于(yu)知(zhi)識(shi)社(she)會下(xia)一(yi)(yi)(yi)代(dai)創(chuang)(chuang)(chuang)(chuang)新(xin)(xin)(創(chuang)(chuang)(chuang)(chuang)新(xin)(xin)2.0)的(de)(de)(de)城(cheng)(cheng)(cheng)(cheng)市(shi)(shi)(shi)信(xin)息化(hua)(hua)(hua)高級形態(tai)(tai),實現信(xin)息化(hua)(hua)(hua)、工(gong)業化(hua)(hua)(hua)與城(cheng)(cheng)(cheng)(cheng)鎮(zhen)化(hua)(hua)(hua)深度(du)融(rong)合,有助(zhu)于(yu)緩解“大城(cheng)(cheng)(cheng)(cheng)市(shi)(shi)(shi)病”,提高城(cheng)(cheng)(cheng)(cheng)鎮(zhen)化(hua)(hua)(hua)質(zhi)量(liang),實現精(jing)細化(hua)(hua)(hua)和(he)動態(tai)(tai)管(guan)理(li),并提升城(cheng)(cheng)(cheng)(cheng)市(shi)(shi)(shi)管(guan)理(li)成(cheng)效和(he)改善市(shi)(shi)(shi)民生活質(zhi)量(liang)。關于(yu)智慧(hui)(hui)城(cheng)(cheng)(cheng)(cheng)市(shi)(shi)(shi)的(de)(de)(de)具(ju)體定(ding)義比(bi)較廣(guang)泛(fan),目(mu)前在國際(ji)上被廣(guang)泛(fan)認同的(de)(de)(de)定(ding)義是(shi),智慧(hui)(hui)城(cheng)(cheng)(cheng)(cheng)市(shi)(shi)(shi)是(shi)新(xin)(xin)一(yi)(yi)(yi)代(dai)信(xin)息技(ji)術(shu)支撐、知(zhi)識(shi)社(she)會下(xia)一(yi)(yi)(yi)代(dai)創(chuang)(chuang)(chuang)(chuang)新(xin)(xin)(創(chuang)(chuang)(chuang)(chuang)新(xin)(xin)2.0)環(huan)境(jing)下(xia)的(de)(de)(de)城(cheng)(cheng)(cheng)(cheng)市(shi)(shi)(shi)形態(tai)(tai),強調智慧(hui)(hui)城(cheng)(cheng)(cheng)(cheng)市(shi)(shi)(shi)不僅(jin)(jin)僅(jin)(jin)是(shi)物聯網、云計算等(deng)新(xin)(xin)一(yi)(yi)(yi)代(dai)信(xin)息技(ji)術(shu)的(de)(de)(de)應用,更重要的(de)(de)(de)是(shi)通過面向知(zhi)識(shi)社(she)會的(de)(de)(de)創(chuang)(chuang)(chuang)(chuang)新(xin)(xin)2.0的(de)(de)(de)方(fang)法論應用,構建用戶創(chuang)(chuang)(chuang)(chuang)新(xin)(xin)、開(kai)放創(chuang)(chuang)(chuang)(chuang)新(xin)(xin)、大眾(zhong)創(chuang)(chuang)(chuang)(chuang)新(xin)(xin)、協同創(chuang)(chuang)(chuang)(chuang)新(xin)(xin)為特征(zheng)的(de)(de)(de)城(cheng)(cheng)(cheng)(cheng)市(shi)(shi)(shi)可持續創(chuang)(chuang)(chuang)(chuang)新(xin)(xin)生態(tai)(tai)。
The majority of financial organizations managing confidential data are aware of security threats and leverage widely accepted solutions (e.g., storage encryption, transport-level encryption, intrusion detection systems) to prevent or detect attacks. Yet these hardening measures do little to face even worse threats posed on data-in-use. Solutions such as Homomorphic Encryption (HE) and hardware-assisted Trusted Execution Environment (TEE) are nowadays among the preferred approaches for mitigating this type of threat. However, given the high-performance overhead of HE, financial institutions -- whose processing rate requirements are stringent -- are more oriented towards TEE-based solutions. The X-Margin Inc. company, for example, offers secure financial computations by combining the Intel SGX TEE technology and HE-based Zero-Knowledge Proofs, which shield customers' data-in-use even against malicious insiders, i.e., users having privileged access to the system. Despite such a solution offers strong security guarantees, it is constrained by having to trust Intel and by the SGX hardware extension availability. In this paper, we evaluate a new frontier for X-Margin, i.e., performing privacy-preserving credit risk scoring via an emerging cryptographic scheme: Functional Encryption (FE), which allows a user to only learn a function of the encrypted data. We describe how the X-Margin application can benefit from this innovative approach and -- most importantly -- evaluate its performance impact.
Machine learning (ML) is increasingly being adopted in a wide variety of application domains. Usually, a well-performing ML model relies on a large volume of training data and high-powered computational resources. Such a need for and the use of huge volumes of data raise serious privacy concerns because of the potential risks of leakage of highly privacy-sensitive information; further, the evolving regulatory environments that increasingly restrict access to and use of privacy-sensitive data add significant challenges to fully benefiting from the power of ML for data-driven applications. A trained ML model may also be vulnerable to adversarial attacks such as membership, attribute, or property inference attacks and model inversion attacks. Hence, well-designed privacy-preserving ML (PPML) solutions are critically needed for many emerging applications. Increasingly, significant research efforts from both academia and industry can be seen in PPML areas that aim toward integrating privacy-preserving techniques into ML pipeline or specific algorithms, or designing various PPML architectures. In particular, existing PPML research cross-cut ML, systems and applications design, as well as security and privacy areas; hence, there is a critical need to understand state-of-the-art research, related challenges and a research roadmap for future research in PPML area. In this paper, we systematically review and summarize existing privacy-preserving approaches and propose a Phase, Guarantee, and Utility (PGU) triad based model to understand and guide the evaluation of various PPML solutions by decomposing their privacy-preserving functionalities. We discuss the unique characteristics and challenges of PPML and outline possible research directions that leverage as well as benefit multiple research communities such as ML, distributed systems, security and privacy.
Smart Grids and Industry 4.0 (I4.0) are neither a dream nor a near-future thing anymore, rather it is happening now. The integration of more and more embedded systems and IoT devices is pushing smart grids and I4.0 forward at a breakneck speed. To cope up with this, the modification of age-old SCADA (Supervisory Control and Data Acquisition) systems in terms of decentralization, near-real-time operation, security, and privacy is necessary. In this context, blockchain technology has the potential of providing not only these essential features of the data acquisition process of future SCADA systems but also many other useful add-ons. On the other side, it is evident that various type of security breach tends to take place more during any economic turmoil. These can cause even more serious devastation to the global economy and human life. Thus, it is necessary to make our industries robust, automated, and resilient with secured and immutable data acquiring systems. This paper deals with the implementation scopes of blockchain in the data acquisition part of SCADA systems in the area of the smart grid and I4.0. There are several consensus mechanisms to support blockchain integration in the field of cryptocurrencies, vehicular networks, healthcare systems, e-commerce, etc. But little attention has been paid to developing efficient and easy-to-implement consensus mechanisms in the field of blockchain-enabled SCADA systems. From this perspective, a novel consensus mechanism, which we call PoRCH (Proof of Random Count in Hashes), with a customized mining node selection scheme has been proposed in this paper. Also, a small-scale prototype of a blockchain-enabled data acquisition system has been developed. The performance evaluation of the implemented prototype shows the benefits of blockchain technology.
Differential privacy (DP) has been widely used to protect the privacy of confidential cyber physical energy systems (CPES) data. However, applying DP without analyzing the utility, privacy, and security requirements can affect the data utility as well as help the attacker to conduct integrity attacks (e.g., False Data Injection(FDI)) leveraging the differentially private data. Existing anomaly-detection-based defense strategies against data integrity attacks in DP-based smart grids fail to minimize the attack impact while maximizing data privacy and utility. To address this challenge, it is nontrivial to apply a defensive approach during the design process. In this paper, we formulate and develop the defense strategy as a part of the design process to investigate data privacy, security, and utility in a DP-based smart grid network. We have proposed a provable relationship among the DP-parameters that enables the defender to design a fault-tolerant system against FDI attacks. To experimentally evaluate and prove the effectiveness of our proposed design approach, we have simulated the FDI attack in a DP-based grid. The evaluation indicates that the attack impact can be minimized if the designer calibrates the privacy level according to the proposed correlation of the DP-parameters to design the grid network. Moreover, we analyze the feasibility of the DP mechanism and QoS of the smart grid network in an adversarial setting. Our analysis suggests that the DP mechanism is feasible over existing privacy-preserving mechanisms in the smart grid domain. Also, the QoS of the differentially private grid applications is found satisfactory in adversarial presence.
In this paper, we demonstrate how Hyperledger Fabric, one of the most popular permissioned blockchains, can benefit from network-attached acceleration. The scalability and peak performance of Fabric is primarily limited by the bottlenecks present in its block validation/commit phase. We propose Blockchain Machine, a hardware accelerator coupled with a hardware-friendly communication protocol, to act as the validator peer. It can be adapted to applications and their smart contracts, and is targeted for a server with network-attached FPGA acceleration card. The Blockchain Machine retrieves blocks and their transactions in hardware directly from the network interface, which are then validated through a configurable and efficient block-level and transaction-level pipeline. The validation results are then transferred to the host CPU where non-bottleneck operations are executed. From our implementation integrated with Fabric v1.4 LTS, we observed up to 12x speedup in block validation when compared to software-only validator peer, with commit throughput of up to 68,900 tps. Our work provides an acceleration platform that will foster further research on hardware acceleration of permissioned blockchains.
With the recent advances of IoT (Internet of Things) new and more robust security frameworks are needed to detect and mitigate new forms of cyber-attacks, which exploit complex and heterogeneity IoT networks, as well as, the existence of many vulnerabilities in IoT devices. With the rise of blockchain technologies service providers pay considerable attention to better understand and adopt blockchain technologies in order to have better secure and trusted systems for own organisations and their customers. The present paper introduces a high level guide for the senior officials and decision makers in the organisations and technology managers for blockchain security framework by design principle for trust and adoption in IoT environments. The paper discusses Cyber-Trust project blockchain technology development as a representative case study for offered security framework. Security and privacy by design approach is introduced as an important consideration in setting up the framework.
The application of machine learning (ML) in computer systems introduces not only many benefits but also risks to society. In this paper, we develop the concept of ML governance to balance such benefits and risks, with the aim of achieving responsible applications of ML. Our approach first systematizes research towards ascertaining ownership of data and models, thus fostering a notion of identity specific to ML systems. Building on this foundation, we use identities to hold principals accountable for failures of ML systems through both attribution and auditing. To increase trust in ML systems, we then survey techniques for developing assurance, i.e., confidence that the system meets its security requirements and does not exhibit certain known failures. This leads us to highlight the need for techniques that allow a model owner to manage the life cycle of their system, e.g., to patch or retire their ML system. Put altogether, our systematization of knowledge standardizes the interactions between principals involved in the deployment of ML throughout its life cycle. We highlight opportunities for future work, e.g., to formalize the resulting game between ML principals.
As data are increasingly being stored in different silos and societies becoming more aware of data privacy issues, the traditional centralized training of artificial intelligence (AI) models is facing efficiency and privacy challenges. Recently, federated learning (FL) has emerged as an alternative solution and continue to thrive in this new reality. Existing FL protocol design has been shown to be vulnerable to adversaries within or outside of the system, compromising data privacy and system robustness. Besides training powerful global models, it is of paramount importance to design FL systems that have privacy guarantees and are resistant to different types of adversaries. In this paper, we conduct the first comprehensive survey on this topic. Through a concise introduction to the concept of FL, and a unique taxonomy covering: 1) threat models; 2) poisoning attacks and defenses against robustness; 3) inference attacks and defenses against privacy, we provide an accessible review of this important topic. We highlight the intuitions, key techniques as well as fundamental assumptions adopted by various attacks and defenses. Finally, we discuss promising future research directions towards robust and privacy-preserving federated learning.
The demand for artificial intelligence has grown significantly over the last decade and this growth has been fueled by advances in machine learning techniques and the ability to leverage hardware acceleration. However, in order to increase the quality of predictions and render machine learning solutions feasible for more complex applications, a substantial amount of training data is required. Although small machine learning models can be trained with modest amounts of data, the input for training larger models such as neural networks grows exponentially with the number of parameters. Since the demand for processing training data has outpaced the increase in computation power of computing machinery, there is a need for distributing the machine learning workload across multiple machines, and turning the centralized into a distributed system. These distributed systems present new challenges, first and foremost the efficient parallelization of the training process and the creation of a coherent model. This article provides an extensive overview of the current state-of-the-art in the field by outlining the challenges and opportunities of distributed machine learning over conventional (centralized) machine learning, discussing the techniques used for distributed machine learning, and providing an overview of the systems that are available.
The concept of smart grid has been introduced as a new vision of the conventional power grid to figure out an efficient way of integrating green and renewable energy technologies. In this way, Internet-connected smart grid, also called energy Internet, is also emerging as an innovative approach to ensure the energy from anywhere at any time. The ultimate goal of these developments is to build a sustainable society. However, integrating and coordinating a large number of growing connections can be a challenging issue for the traditional centralized grid system. Consequently, the smart grid is undergoing a transformation to the decentralized topology from its centralized form. On the other hand, blockchain has some excellent features which make it a promising application for smart grid paradigm. In this paper, we have an aim to provide a comprehensive survey on application of blockchain in smart grid. As such, we identify the significant security challenges of smart grid scenarios that can be addressed by blockchain. Then, we present a number of blockchain-based recent research works presented in different literatures addressing security issues in the area of smart grid. We also summarize several related practical projects, trials, and products that have been emerged recently. Finally, we discuss essential research challenges and future directions of applying blockchain to smart grid security issues.
小貼士
登錄享
注冊地址: 北京市海淀區羊坊店路18號2幢3層301-191