Weizhi Meng, Sokratis K. Katsikas, Jiageng Chen, Chao Chen
{"title":"Security, Privacy, and Trust Management on Decentralized Systems and Networks","authors":"Weizhi Meng, Sokratis K. Katsikas, Jiageng Chen, Chao Chen","doi":"10.1002/nem.2311","DOIUrl":null,"url":null,"abstract":"<p>With the rapid growth of size and scale in current organization, decentralize systems are becoming dominant, which is an interconnected information system where no single entity or central server is employed as a sole authority, such as Internet of Things (IoT), smart home system, smart city system, and more. For such systems, sensors are important to gather and process data as the lower level components. However, with the distributed deployment, decentralized systems are facing various security, privacy, and trust issues. For instance, any compromised sensor may leak sensitive data or be used to infect other entities within the system. It is also a long-term challenge to establish trust among different nodes and defeat malicious insiders. Here, there is a requirement to develop suitable management schemes for decentralized systems and networks regarding security, privacy, and trust. This special issue focuses on the identification of security, privacy, and trust issues in decentralized systems and the development of effective solutions in handling security, privacy, and trust issues for decentralized systems, for example, IoT, cyber-physical systems (CPS), smart city, and smart home.</p><p>In the first contribution entitled “A security-enhanced equipment predictive maintenance solution for the ETO manufacturing,” Cao et al. proposed a security-enhanced predictive maintenance scheme specifically designed for ETO-type production equipment. This scheme can use the industrial Internet of Things (IIoT) technology to monitor machines and equipment, constructing prediction models using machine learning methods and reinforcing the security of the prediction system through adoption of a decentralized architecture with blockchain distributed storage. In this experiment, six supervised learning models were compared, and it was found that the model based on the random forest algorithm achieved an outstanding accuracy rate of 98.88%.</p><p>In the second contribution entitled “IGXSS: XSS payload detection model based on inductive GCN,” Wang et al. figured out that XSS is one of the most common web application attacks, in which an attacker can obtain private user information from IoT devices or cloud platforms. To address this issue, the authors proposed an XSS payload detection model based on inductive graph neural networks, shortly IGXSS (XSS payload detection model based on inductive GCN). The method aims to detect XSS payloads under an IoT environment by segmenting the samples as nodes and obtaining the feature matrix of nodes and edges.</p><p>In the third contribution entitled “Privacy-protected object detection through trustworthy image fusion,” Zhang et al. identified that user privacy may be leaked as infrared images may contain sensitive information. The authors then proposed a procedure for enhancing the database privacy, object detection based on multi-band infrared image datasets, and they utilized the transfer learning technique to migrate knowledge learned from external infrared data to internal infrared data. The proposed approach consists of several steps including data preprocessing of multi-band infrared images, multi-band infrared image fusion, and object detection. They found that transfer learning is very beneficial for keeping the privacy of multi-band infrared images during the fusion and detection processes.</p><p>In the fourth contribution entitled “ASMTP: Anonymous secure messaging token-based protocol assisted data security in swarm of unmanned aerial vehicles,” Manikandan and Sriramulu argued that there is a need for perfect forward secrecy and non-repudiation during UAV-to-UAV (unmanned aerial vehicles) communication. The authors proposed a protocol for UAV Swarm communication with anonymous secure messaging token-based protocol (ASMTP). Such protocol can help secure UAV-to-base station communication and safeguard the metadata of the sender and receiver nodes.</p><p>In the fifth contribution entitled “Privacy-preserving data aggregation achieving completeness of data queries in smart grid,” Li et al. identified that privacy and security should be the priority in smart grid systems. The authors proposed a privacy-preserving data aggregation scheme that aims to support data query. They also developed a multi-level data aggregation mechanism based on Paillier semi-homomorphic encryption, in order to reach efficient aggregation of user data in the control center. They used a data query mechanism based on electricity consumption intervals to enable the control center to query aggregated ciphertexts for different users.</p><p>In the sixth contribution entitled “A secure and light-weight patient survival prediction in Internet of Medical Things framework,” Mittal et al. aimed to explore the interplay of objective and subjective data in predicting postoperative outcomes and use this to help reduce data transmission costs in the Internet of Medical Things. Based on open dataset, they found that ensemble learning classifiers is superior when adopting all features, resulting in an accuracy rate of 0.92. In addition, when integrating select subjective features, a comparable accuracy rate of 0.91 can be reached.</p><p>In the seventh contribution entitled “Risk-Aware SDN Defense Framework Against Anti-Honeypot Attacks Using Safe Reinforcement Learning,” Gao et al. figured out that the network interaction between SDN servers and users is under risk. The authors proposed a risk-aware SDN defense framework based on safe reinforcement learning that can help mitigate the external attacks. The authors also introduced a risk level function to model the simultaneous dynamic attack and defense processes. Their simulation results showed that the proposed framework could enhance the defense utility by 17.5% and 142.4% compared with the QLearning scheme and the Random scheme.</p><p>On the whole, the special issue papers cover a broad range of research on security, privacy, and trust on decentralized systems and network and discuss many potential threats and promising solutions. The team of guest editors would like to thank Editor-in-Chief James Won-Ki Hong for their great support, as well as the paper authors and the reviewers for their contributions.</p>","PeriodicalId":14154,"journal":{"name":"International Journal of Network Management","volume":"34 6","pages":""},"PeriodicalIF":1.5000,"publicationDate":"2024-10-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1002/nem.2311","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Network Management","FirstCategoryId":"94","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1002/nem.2311","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
Abstract
With the rapid growth of size and scale in current organization, decentralize systems are becoming dominant, which is an interconnected information system where no single entity or central server is employed as a sole authority, such as Internet of Things (IoT), smart home system, smart city system, and more. For such systems, sensors are important to gather and process data as the lower level components. However, with the distributed deployment, decentralized systems are facing various security, privacy, and trust issues. For instance, any compromised sensor may leak sensitive data or be used to infect other entities within the system. It is also a long-term challenge to establish trust among different nodes and defeat malicious insiders. Here, there is a requirement to develop suitable management schemes for decentralized systems and networks regarding security, privacy, and trust. This special issue focuses on the identification of security, privacy, and trust issues in decentralized systems and the development of effective solutions in handling security, privacy, and trust issues for decentralized systems, for example, IoT, cyber-physical systems (CPS), smart city, and smart home.
In the first contribution entitled “A security-enhanced equipment predictive maintenance solution for the ETO manufacturing,” Cao et al. proposed a security-enhanced predictive maintenance scheme specifically designed for ETO-type production equipment. This scheme can use the industrial Internet of Things (IIoT) technology to monitor machines and equipment, constructing prediction models using machine learning methods and reinforcing the security of the prediction system through adoption of a decentralized architecture with blockchain distributed storage. In this experiment, six supervised learning models were compared, and it was found that the model based on the random forest algorithm achieved an outstanding accuracy rate of 98.88%.
In the second contribution entitled “IGXSS: XSS payload detection model based on inductive GCN,” Wang et al. figured out that XSS is one of the most common web application attacks, in which an attacker can obtain private user information from IoT devices or cloud platforms. To address this issue, the authors proposed an XSS payload detection model based on inductive graph neural networks, shortly IGXSS (XSS payload detection model based on inductive GCN). The method aims to detect XSS payloads under an IoT environment by segmenting the samples as nodes and obtaining the feature matrix of nodes and edges.
In the third contribution entitled “Privacy-protected object detection through trustworthy image fusion,” Zhang et al. identified that user privacy may be leaked as infrared images may contain sensitive information. The authors then proposed a procedure for enhancing the database privacy, object detection based on multi-band infrared image datasets, and they utilized the transfer learning technique to migrate knowledge learned from external infrared data to internal infrared data. The proposed approach consists of several steps including data preprocessing of multi-band infrared images, multi-band infrared image fusion, and object detection. They found that transfer learning is very beneficial for keeping the privacy of multi-band infrared images during the fusion and detection processes.
In the fourth contribution entitled “ASMTP: Anonymous secure messaging token-based protocol assisted data security in swarm of unmanned aerial vehicles,” Manikandan and Sriramulu argued that there is a need for perfect forward secrecy and non-repudiation during UAV-to-UAV (unmanned aerial vehicles) communication. The authors proposed a protocol for UAV Swarm communication with anonymous secure messaging token-based protocol (ASMTP). Such protocol can help secure UAV-to-base station communication and safeguard the metadata of the sender and receiver nodes.
In the fifth contribution entitled “Privacy-preserving data aggregation achieving completeness of data queries in smart grid,” Li et al. identified that privacy and security should be the priority in smart grid systems. The authors proposed a privacy-preserving data aggregation scheme that aims to support data query. They also developed a multi-level data aggregation mechanism based on Paillier semi-homomorphic encryption, in order to reach efficient aggregation of user data in the control center. They used a data query mechanism based on electricity consumption intervals to enable the control center to query aggregated ciphertexts for different users.
In the sixth contribution entitled “A secure and light-weight patient survival prediction in Internet of Medical Things framework,” Mittal et al. aimed to explore the interplay of objective and subjective data in predicting postoperative outcomes and use this to help reduce data transmission costs in the Internet of Medical Things. Based on open dataset, they found that ensemble learning classifiers is superior when adopting all features, resulting in an accuracy rate of 0.92. In addition, when integrating select subjective features, a comparable accuracy rate of 0.91 can be reached.
In the seventh contribution entitled “Risk-Aware SDN Defense Framework Against Anti-Honeypot Attacks Using Safe Reinforcement Learning,” Gao et al. figured out that the network interaction between SDN servers and users is under risk. The authors proposed a risk-aware SDN defense framework based on safe reinforcement learning that can help mitigate the external attacks. The authors also introduced a risk level function to model the simultaneous dynamic attack and defense processes. Their simulation results showed that the proposed framework could enhance the defense utility by 17.5% and 142.4% compared with the QLearning scheme and the Random scheme.
On the whole, the special issue papers cover a broad range of research on security, privacy, and trust on decentralized systems and network and discuss many potential threats and promising solutions. The team of guest editors would like to thank Editor-in-Chief James Won-Ki Hong for their great support, as well as the paper authors and the reviewers for their contributions.
期刊介绍:
Modern computer networks and communication systems are increasing in size, scope, and heterogeneity. The promise of a single end-to-end technology has not been realized and likely never will occur. The decreasing cost of bandwidth is increasing the possible applications of computer networks and communication systems to entirely new domains. Problems in integrating heterogeneous wired and wireless technologies, ensuring security and quality of service, and reliably operating large-scale systems including the inclusion of cloud computing have all emerged as important topics. The one constant is the need for network management. Challenges in network management have never been greater than they are today. The International Journal of Network Management is the forum for researchers, developers, and practitioners in network management to present their work to an international audience. The journal is dedicated to the dissemination of information, which will enable improved management, operation, and maintenance of computer networks and communication systems. The journal is peer reviewed and publishes original papers (both theoretical and experimental) by leading researchers, practitioners, and consultants from universities, research laboratories, and companies around the world. Issues with thematic or guest-edited special topics typically occur several times per year. Topic areas for the journal are largely defined by the taxonomy for network and service management developed by IFIP WG6.6, together with IEEE-CNOM, the IRTF-NMRG and the Emanics Network of Excellence.