Fine-grained cooperative access control scheme with hidden policies

The traditional ciphertext policy attribute-based encryption (CP-ABE) has two problems:one is that the access policy must be embedded in the ciphertext and sent, which leads to the disclosure of user爷 s privacy information, the other is that it does not support collaborative decryption, which cannot meet the actual demand of conditional collaborative decryption among multiple users. In order to deal with the above two problems at the same time, a fine-grained cooperative access control scheme with hidden policies (FCAC-HP) is proposed based on the existing CP-ABE schemes combined with blockchain technology. In FCAC-HP scheme, users are grouped by group identifier so that only users within the same group can cooperate. In the data encryption stage, the access policy is encrypted and then embedded in the ciphertext to protect the privacy information of the access policy. In the data access stage, the anonymous attribute matching technology is introduced so that only matched users can decrypt ciphertext data to improve the efficiency of the system. In this process, a smart contract is used to execute the verification algorithm to ensure the credibility of the results. In terms of security, FCAC-HP scheme is based on the prime subgroup discriminative assumption and is proved to be indistinguishable under chosen plaintext attack (CPA) by dual system encryption technology. Experimental verification and analysis show that FCAC-HP scheme improves computational efficiency while implementing complex functions.     

虚假数据注入攻击信号的融合估计

研究了信息物理系统中假数据注入(False data injection, FDI)攻击信号的检测问题. 在分布式融合框架下, 首先将FDI攻击信号建模为信息物理系统模型中的未知输入, 从而使得攻击信号的检测问题转化为对FDI攻击信号的实时估计问题. 其次, 在每个传感器端设计基于自适应卡尔曼滤波的FDI攻击信号的局部估计器; 在融合中心端引入补偿因子, 设计分布式信息融合准则以导出攻击信号的融合估计器. 特别地, 当FDI攻击信号是时变情况时, 融合过程中补偿因子的引入可以大大提高对攻击信号的估计精度. 最后, 通过两个仿真算例验证所提算法的有效性.     

基于拉普拉斯特征映射学习的隐匿FDI攻击检测

智能电网中的隐匿虚假数据入侵(False data injection, FDI)攻击能够绕过坏数据检测机制, 导致控制中心做出错误的状态估计, 进而干扰电力系统的正常运行. 由于电网系统具有复杂的拓扑结构, 故基于传统机器学习的攻击信号检测方法存在维度过高带来的过拟合问题, 而深度学习检测方法则存在训练时间长、占用大量计算资源的问题. 为此, 针对智能电网中的隐匿FDI攻击信号, 提出了基于拉普拉斯特征映射降维的神经网络检测学习算法, 不仅降低了陷入过拟合的风险, 同时也提高了隐匿FDI攻击检测学习算法的泛化能力. 最后, 在IEEE57-Bus电力系统模型中验证了所提方法的优点和有效性.     

Sensitive attribute privacy preservation of trajectory data publishing based on l-diversity

Distributed and Parallel Databases - The widely application of positioning technology has made collecting the movement of people feasible for knowledge-based decision. Data in its original form...     

强隐私保护的移动群智感知方案

为了实现移动群智感知系统中身份隐私、证书撤销和积分激励功能,同时解决恶意用户身份追踪与诚实用户隐私保护之间的矛盾,提出了强隐私保护的移动群智感知方案.基于门限密码思想将身份追踪能力分散到多个实体上,使得多个追踪者合作才能追踪用户身份;将Pointcheval-Sanders签名和基于RSA假设的Camenisch-Lysyanskaya累加器结合起来实现了证书的安全快速撤销;利用Pointcheval-Sanders签名构造了保护隐私的积分激励机制.对该方案进行了安全性分析和实验分析.研究结果表明,该方案不仅满足安全要求,而且在实际应用中具有可行性.     

协同入侵检测研究现状与展望

协同入侵检测技术(collaborative intrusion detection system, CIDS)能够检测分布式协同攻击,应对大规模网络入侵,拥有传统入侵检测系统所不具备的优势,而如何在提高检测性能的同时实现去中心化是一个重要的研究课题。通过对近年来CIDS研究成果的梳理,阐述了在检测方法、数据聚合、隐私保护和信任管理方面的研究进展和问题,分析了在去中心化方面面临的挑战,探讨了基于区块链技术的CIDS未来发展方向,最后展望了CIDS在云计算、物联网等新兴领域的应用前景。     

一种可扩展的动态数据持有性证明方案

提出了一种能保护数据隐私的动态数据持有性证明方案, 并对方案的安全性进行了证明, 性能分析表明该方案具有低存储、计算和传输负载的特点。通过扩展实现了对公开可验证和多副本检查的支持, 扩展方案的特点在于公开验证中不需要可信第三方的参与, 而多副本检查可以方便地实现对所有副本的批量检查。     

A lossless secret image sharing scheme using a larger finite field

Recent research has made an effort to take 8b-bit value as a polynomial coefficient and use a random number as the maximum coefficient term in a Shamir’s polynomial, where b > 0. These can help improve computationl efficiency by reducing the sum of calculating polynomials, and avoid the case of the coefficient of x^k??1 being zero. However, such research still has the issues of requiring much extra storage space, lossy secret image, shadow images with large size, and storing permutation key. To solve the above issues, in this paper, we propose a novel scheme which takes 8b-bit value as a polynomial coefficient, designs a bit-level method and runs under Galois Field GF(2^8b). Experimental results show that this scheme improves existing similar schemes on several aspects, such as less extra storage space and higher computational performance.

     

RLINK: Deep reinforcement learning for user identity linkage

World Wide Web - User identity linkage is a task of recognizing the identities of the same user across different social networks (SN). Previous works tackle this problem via estimating the pairwise...