您的检索:
学者姓名:公备
精炼检索结果:
年份
成果类型
收录类型
来源
综合
合作者
语言
清除所有精炼条件
摘要 :
The Industrial Internet of Things (IIoT), through the extensive deployment of devices for sensing, transmitting, and analyzing production states, can provide users with more comprehensive services and enhance production and manufacturing efficiency. However, most IIoT devices are limited by software and hardware resources, and existing mature security mechanisms are no longer suitable due to high-computing and communication costs. This weakness makes these devices highly susceptible to illegal attacks, such as counterfeiting, leading to a decline in service quality of IIoT. Therefore, to ensure the secure and efficient verification of the legitimacy of numerous IIoT devices, scholars have employed numerous viable solutions. However, many existing solutions have difficulty achieving a balance between the limited resources and security requirements of IIoT, resulting in certain shortcomings. To address this, we first propose a lightweight certificateless signature scheme without pairing, which can achieve unforgeability and reduce computation pressure by batch verification for multiple signatures. Furthermore, we propose a lightweight certificateless mutual authentication scheme (LCLMA-BS) for the IIoT. LCLMA-BS is capable of conducting key agreement for both authentication parties and batch authentication for multiple participants. Moreover, through analysis and proof, LCLMA-BS is shown to have various security properties, such as perfect forward and backward security and known session-specific temporary information security. Finally, the simulation results indicate that our signature and LCLMA-BS exhibit higher computational efficiency and communication efficiency, demonstrating better suitability for the IIoT.
关键词 :
Production Production Servers Servers Industrial Internet of Things Industrial Internet of Things Certificateless Certificateless Cloud computing Cloud computing Authentication Authentication signature signature Security Security Industrial Internet of Things (IIoT) Industrial Internet of Things (IIoT) Mathematical models Mathematical models mutual authentication mutual authentication
引用:
复制并粘贴一种已设定好的引用格式,或利用其中一个链接导入到文献管理软件中。
| GB/T 7714 | Yin, Deshuai , Gong, Bei . A Lightweight Certificateless Mutual Authentication Scheme Based on Signatures for IIoT [J]. | IEEE INTERNET OF THINGS JOURNAL , 2024 , 11 (16) : 26852-26865 . |
| MLA | Yin, Deshuai 等. "A Lightweight Certificateless Mutual Authentication Scheme Based on Signatures for IIoT" . | IEEE INTERNET OF THINGS JOURNAL 11 . 16 (2024) : 26852-26865 . |
| APA | Yin, Deshuai , Gong, Bei . A Lightweight Certificateless Mutual Authentication Scheme Based on Signatures for IIoT . | IEEE INTERNET OF THINGS JOURNAL , 2024 , 11 (16) , 26852-26865 . |
| 导入链接 | NoteExpress RIS BibTex |
摘要 :
Blockchain-based Industrial Internet of Things (IIoT) integrates the blockchain technology into the traditional IIoT infrastructure to provide secure and collaborative services. In IIoT, the traffic is usually encrypted using a cipher suite (SSL/TLS) for secure communication, which makes it hard for middleboxes (MBs) to detect malicious activity in the traffic. To address this problem, secure MBs that directly perform encrypted traffic inspection have been presented. Recently, a new privacy preserving deep packet inspection (DPI) system on MB for IoT scenarios was proposed, but it suffered from the following two limitations: 1) no support for fast token detection and 2) no support for tracing abnormal sources. To address the two limitations, we propose BTDPI, a privacy-preserving traceable DPI system that efficiently performs inspection over encrypted traffic in blockchain-based IIoT. Technically, we adopt a two-layer filter architecture to improve the efficiency of detection and moreover introduce a new online-offline certificateless aggregate signature with smart contract to design an identity traceability mechanism. The experiment result shows that BTDPI runs 26.7x faster for token detection with 3000 tokens and 3000 rules than the state-of-the-art work.
关键词 :
Industrial Internet of Things (IIoT) Industrial Internet of Things (IIoT) encrypted traffic inspection encrypted traffic inspection Blockchain Blockchain
引用:
复制并粘贴一种已设定好的引用格式,或利用其中一个链接导入到文献管理软件中。
| GB/T 7714 | Zhang, Kai , Deng, Minjun , Gong, Bei et al. Privacy-Preserving Traceable Encrypted Traffic Inspection in Blockchain-Based Industrial IoT [J]. | IEEE INTERNET OF THINGS JOURNAL , 2024 , 11 (2) : 3484-3496 . |
| MLA | Zhang, Kai et al. "Privacy-Preserving Traceable Encrypted Traffic Inspection in Blockchain-Based Industrial IoT" . | IEEE INTERNET OF THINGS JOURNAL 11 . 2 (2024) : 3484-3496 . |
| APA | Zhang, Kai , Deng, Minjun , Gong, Bei , Miao, Yinbin , Ning, Jianting . Privacy-Preserving Traceable Encrypted Traffic Inspection in Blockchain-Based Industrial IoT . | IEEE INTERNET OF THINGS JOURNAL , 2024 , 11 (2) , 3484-3496 . |
| 导入链接 | NoteExpress RIS BibTex |
摘要 :
Overprivilege Attack, a widely reported phenomenon in IoT that accesses unauthorized or excessive resources, is notoriously hard to prevent, trace and mitigate. In this paper, we propose TBAC, a Tokoin-Based Access Control model enabled by blockchain and Trusted Execution Environment (TEE) technologies, to offer fine-grained access control and strong auditability for IoT. TBAC materializes the virtual access power into a definite-amount, secure and accountable cryptographic coin, termed "tokoin" (token+coin), and manages it using atomic and accountable state-transition functions in a blockchain. A tokoin carries a fine-grained policy defined by the resource owner to specify the requirements to be satisfied before an access is granted, and the behavioral constraints that describe the correct procedure to follow during access. The strong-auditability is achieved with blockchain and a TEE-enabled trusted access control object (TACO) to ensure that all access activities are securely monitored and auditable. We prototype TBAC by implementing all its functions with well-studied cryptographic primitives over different blockchain platforms, building a TACO on top of the ARM Cortex-M33 TEE microcontroller, and constructing a user-friendly APP for regular users. A case study is finally presented to demonstrate how TBAC is employed to enable autonomous and secure in-home cargo delivery.
关键词 :
Access control Access control access procedure control access procedure control Program processors Program processors Internet of Things Internet of Things Microcontrollers Microcontrollers auditability auditability overprivilege attack overprivilege attack Fine-grained access control Fine-grained access control Blockchains Blockchains User interfaces User interfaces blockchain blockchain trusted execution environment (TEE) trusted execution environment (TEE) IoT IoT Prototypes Prototypes
引用:
复制并粘贴一种已设定好的引用格式,或利用其中一个链接导入到文献管理软件中。
| GB/T 7714 | Liu, Chunchi , Xu, Minghui , Guo, Hechuan et al. TBAC: A Tokoin-Based Accountable Access Control Scheme for the Internet of Things [J]. | IEEE TRANSACTIONS ON MOBILE COMPUTING , 2024 , 23 (5) : 6133-6148 . |
| MLA | Liu, Chunchi et al. "TBAC: A Tokoin-Based Accountable Access Control Scheme for the Internet of Things" . | IEEE TRANSACTIONS ON MOBILE COMPUTING 23 . 5 (2024) : 6133-6148 . |
| APA | Liu, Chunchi , Xu, Minghui , Guo, Hechuan , Cheng, Xiuzhen , Xiao, Yinhao , Yu, Dongxiao et al. TBAC: A Tokoin-Based Accountable Access Control Scheme for the Internet of Things . | IEEE TRANSACTIONS ON MOBILE COMPUTING , 2024 , 23 (5) , 6133-6148 . |
| 导入链接 | NoteExpress RIS BibTex |
摘要 :
Edge intelligence is a critical enabler of intelligent application services in the Internet of Things (IoT). However, due to complex environmental factors, edge devices are subject to constant dynamic changes, which can result in security threats and sensitive information leakage. Therefore, it is essential to investigate data stream online analysis and detection strategies and implement an online releasing mechanism to ensure sensitive information is not leaked. Existing work rarely addresses these issues simultaneously or has poor performance, which poses a challenge. To address this challenge, we propose an intelligent edge dual-structure ensemble method (IEDSEM), consisting of three key components: 1) data preprocessing; 2) drift detection data analytics (IEDSEM-DDDA); and 3) privacy-preserving data releasing (IEDSEM-PPDR). Data preprocessing is used primarily to enhance the quality of data streams to improve the performance of model learning. IEDSEM-DDDA involves three sequential operations: 1) dynamic feature selection; 2) model learning and selection and 3) online model ensemble deployment to achieve anomaly detection of online data streams. Meanwhile, IEDSEM-PPDR uses differential privacy and online optimization operations to achieve intelligent hierarchical protection of edge data. To validate the performance of our proposed IEDSEM method, we conducted two comprehensive simulation experiments on real data machines, verifying the accuracy of the concept drift component detection and the privacy optimization performance of the privacy-preserving component, respectively. Simulation results show that compared with several other advanced high-performance algorithms, our algorithm has over 99% accuracy in data stream analysis detection and more outstanding privacy-preserving ability.
关键词 :
Data releasing Data releasing drift detection drift detection intelligent edge intelligent edge privacy preserving privacy preserving dual structure dual structure
引用:
复制并粘贴一种已设定好的引用格式,或利用其中一个链接导入到文献管理软件中。
| GB/T 7714 | Zhang, Jiangjiang , Gong, Bei , Wang, Qian et al. An Intelligent Edge Dual-Structure Ensemble Method for Data Stream Detection and Releasing [J]. | IEEE INTERNET OF THINGS JOURNAL , 2024 , 11 (1) : 863-879 . |
| MLA | Zhang, Jiangjiang et al. "An Intelligent Edge Dual-Structure Ensemble Method for Data Stream Detection and Releasing" . | IEEE INTERNET OF THINGS JOURNAL 11 . 1 (2024) : 863-879 . |
| APA | Zhang, Jiangjiang , Gong, Bei , Wang, Qian , Wu, Yong , Zheng, Guiping . An Intelligent Edge Dual-Structure Ensemble Method for Data Stream Detection and Releasing . | IEEE INTERNET OF THINGS JOURNAL , 2024 , 11 (1) , 863-879 . |
| 导入链接 | NoteExpress RIS BibTex |
摘要 :
Although attribute-based signcryption (ABSC) offers a promising technology to ensure the security of IoT data sharing, it faces a two-fold challenge in practical implementation, namely, the linearly increasing computation and communication costs and the heavy load of single authority based key management. To this end, we propose a Secure and Lightweight Multi-authority ABSC scheme called SLIM in this paper. The signcryption and de-signcryption costs of devices are reduced to a small constant by offloading most of the computation to the edge server. To minimize communication and storage costs, a short and constant-size ciphertext is designed. Moreover, we adopt a hierarchical multi-authority architecture, setting up multiple attribute authorities that manage keys independently to prevent the bottleneck. Rigorous security analysis proves that the SLIM scheme can resist adaptive chosen ciphertext attacks and adaptive chosen message attacks under the standard model. Simulation experiments demonstrate the correctness of our theoretical derivations and the cost reduction of the SLIM scheme in computation, communication and storage.
关键词 :
access control access control multi-authority multi-authority outsourced computation outsourced computation Attribute-based signcryption Attribute-based signcryption constant-size ciphertext constant-size ciphertext
引用:
复制并粘贴一种已设定好的引用格式,或利用其中一个链接导入到文献管理软件中。
| GB/T 7714 | Gong, Bei , Guo, Chong , Guo, Chen et al. SLIM: A Secure and Lightweight Multi-Authority Attribute-Based Signcryption Scheme for IoT [J]. | IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY , 2024 , 19 : 1299-1312 . |
| MLA | Gong, Bei et al. "SLIM: A Secure and Lightweight Multi-Authority Attribute-Based Signcryption Scheme for IoT" . | IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY 19 (2024) : 1299-1312 . |
| APA | Gong, Bei , Guo, Chong , Guo, Chen , Sun, Yao , Waqas, Muhammad , Chen, Sheng . SLIM: A Secure and Lightweight Multi-Authority Attribute-Based Signcryption Scheme for IoT . | IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY , 2024 , 19 , 1299-1312 . |
| 导入链接 | NoteExpress RIS BibTex |
摘要 :
Although 5G and beyond communication technology empower a large number of edge heterogeneous devices and applications, the stringent security remains a major concern when dealing with the millions of edge computing tasks in the highly dynamic heterogeneous networks (HDHNs). Blockchains contribute significantly to addressing security challenges by guaranteeing the reliability of data and information. Since the node's mobility, there are risks of exiting the network and leaving the remaining tasks noncomputed. Therefore, we model the cost function of offloaded computing tasks as a dynamic stochastic game. To reduce the computational complexity, the Time-Variant Mean-Field term (TVMF) is adopted to solve the cost-optimized problem. What's more, we design an Adaptivity-Aware Practical byzantine fault tolerance consensus Protocol (AAPP) to dynamically formulate domains, execute leader node selection with regard to task completion and quickly verify computational results. In addition, a Dynamic Multi-domain Fractional Repetition uncoded repair storage (DMFR) scheme with variant redundancy is proposed to reduce the storage pressure and repair overhead. The simulation is implemented to demonstrate our scheme outperforms the benchmarks in terms of cost and time overhead.
关键词 :
Games Games mean-field game mean-field game Dynamic scheduling Dynamic scheduling blockchains blockchains Dynamic networks Dynamic networks fractional repetition code fractional repetition code tasks offload tasks offload Wireless communication Wireless communication Task analysis Task analysis Mobile handsets Mobile handsets Maintenance engineering Maintenance engineering Costs Costs
引用:
复制并粘贴一种已设定好的引用格式,或利用其中一个链接导入到文献管理软件中。
| GB/T 7714 | Bai, Fenhua , Shen, Tao , Yu, Zhuo et al. Blockchain-Enhanced Time-Variant Mean Field-Optimized Dynamic Computation Sharing in Mobile Network [J]. | IEEE TRANSACTIONS ON WIRELESS COMMUNICATIONS , 2024 , 23 (9) : 12140-12156 . |
| MLA | Bai, Fenhua et al. "Blockchain-Enhanced Time-Variant Mean Field-Optimized Dynamic Computation Sharing in Mobile Network" . | IEEE TRANSACTIONS ON WIRELESS COMMUNICATIONS 23 . 9 (2024) : 12140-12156 . |
| APA | Bai, Fenhua , Shen, Tao , Yu, Zhuo , Song, Jian , Gong, Bei , Waqas, Muhammad et al. Blockchain-Enhanced Time-Variant Mean Field-Optimized Dynamic Computation Sharing in Mobile Network . | IEEE TRANSACTIONS ON WIRELESS COMMUNICATIONS , 2024 , 23 (9) , 12140-12156 . |
| 导入链接 | NoteExpress RIS BibTex |
摘要 :
With the widespread adoption of Internet of Things (IoT) devices, remote attestation is crucial for ensuring their security. However, current schemes that require a central verifier or interactive approaches are expensive and inefficient for collaborative autonomous systems. Furthermore, the security of the software state cannot be guaranteed before or between successive attestations, leaving devices vulnerable to Time-Of-Check-Time-Of- Use (TOCTOU) attacks, as well as confidentiality issues arising from pre-sharing software information with the verifier. Therefore, we propose the Secure mutual Attestation against TOCTOU Zero-Knowledge proof based for IoT devices (ZKSA), which allows devices to mutually attest without a central verifier, and the attestation result is transparent while preserving confidentiality. We implement a ZKSA prototype on a Raspberry Pi 3B, demonstrating its feasibility and security. Even if malware is removed before the next attestation, it will be detected and the detection time is typically constant. Simulations show that compared to other schemes for mutual attestation, such as DIAT and CFRV, ZKSA exhibits scalability. When the prover attests to numerous verifier devices, ZKSA reduces the verification time from linear to constant.
关键词 :
IoT devices security IoT devices security TOCTOU attacks TOCTOU attacks Remote attestation Remote attestation Software state Software state Zero-knowledge proof Zero-knowledge proof
引用:
复制并粘贴一种已设定好的引用格式,或利用其中一个链接导入到文献管理软件中。
| GB/T 7714 | Bai, Fenhua , Wang, Zikang , Zeng, Kai et al. ZKSA: Secure mutual Attestation against TOCTOU Zero-knowledge Proof based for IoT Devices [J]. | COMPUTERS & SECURITY , 2024 , 148 . |
| MLA | Bai, Fenhua et al. "ZKSA: Secure mutual Attestation against TOCTOU Zero-knowledge Proof based for IoT Devices" . | COMPUTERS & SECURITY 148 (2024) . |
| APA | Bai, Fenhua , Wang, Zikang , Zeng, Kai , Zhang, Chi , Shen, Tao , Zhang, Xiaohui et al. ZKSA: Secure mutual Attestation against TOCTOU Zero-knowledge Proof based for IoT Devices . | COMPUTERS & SECURITY , 2024 , 148 . |
| 导入链接 | NoteExpress RIS BibTex |
摘要 :
Deep learning is a thriving field currently stuffed with many practical applications and active research topics. It allows computers to learn from experience and to understand the world in terms of a hierarchy of concepts, with each being defined through its relations to simpler concepts. Relying on the strong capabilities of deep learning, we propose a convolutional generative adversarial network-based (Conv-GAN) framework titled MalFox, targeting adversarial malware example generation against third-party black-box malware detectors. Motivated by the rival game between malware authors and malware detectors, MalFox adopts a confrontational approach to produce perturbation paths, with each formed by up to three methods (namely Obfusmal, Stealmal, and Hollowmal) to generate adversarial malware examples. To demonstrate the effectiveness of MalFox, we collect a large dataset consisting of both malware and benignware programs, and investigate the performance of MalFox in terms of accuracy, detection rate, and evasive rate of the generated adversarial malware examples. Our evaluation indicates that the accuracy can be as high as 99.0% which significantly outperforms the other 12 well-known learning models. Furthermore, the detection rate is dramatically decreased by 56.8% on average, and the average evasive rate is noticeably improved by up to 56.2%.
关键词 :
Engines Engines Electronic mail Electronic mail Closed box Closed box Detectors Detectors Malware Malware Perturbation methods Perturbation methods deep learning deep learning Adversarial malware examples Adversarial malware examples malware malware Computer viruses Computer viruses generative adversarial network generative adversarial network
引用:
复制并粘贴一种已设定好的引用格式,或利用其中一个链接导入到文献管理软件中。
| GB/T 7714 | Zhong, Fangtian , Cheng, Xiuzhen , Yu, Dongxiao et al. MalFox: Camouflaged Adversarial Malware Example Generation Based on Conv-GANs Against Black-Box Detectors [J]. | IEEE TRANSACTIONS ON COMPUTERS , 2024 , 73 (4) : 980-993 . |
| MLA | Zhong, Fangtian et al. "MalFox: Camouflaged Adversarial Malware Example Generation Based on Conv-GANs Against Black-Box Detectors" . | IEEE TRANSACTIONS ON COMPUTERS 73 . 4 (2024) : 980-993 . |
| APA | Zhong, Fangtian , Cheng, Xiuzhen , Yu, Dongxiao , Gong, Bei , Song, Shuaiwen , Yu, Jiguo . MalFox: Camouflaged Adversarial Malware Example Generation Based on Conv-GANs Against Black-Box Detectors . | IEEE TRANSACTIONS ON COMPUTERS , 2024 , 73 (4) , 980-993 . |
| 导入链接 | NoteExpress RIS BibTex |
摘要 :
The popularity of the Internet of Things (IoT) has enabled a large number of vulnerable devices to connect to the Internet, bringing huge security risks. As a network-level security authentication method, device fingerprint based on machine learning has attracted considerable attention because it can detect vulnerable devices in complex and heterogeneous access phases. However, flexible and diversified IoT devices with limited resources increase difficulty of the device fingerprint authentication method executed in IoT, because it needs to retrain the model network to deal with incremental features or types. To address this problem, a device fingerprinting mechanism based on a Broad Learning System (BLS) is proposed in this paper. The mechanism firstly characterizes IoT devices by traffic analysis based on the identifiable differences of the traffic data of IoT devices, and extracts feature parameters of the traffic packets. A hierarchical hybrid sampling method is designed at the preprocessing phase to improve the imbalanced data distribution and reconstruct the fingerprint dataset. The complexity of the dataset is reduced using Principal Component Analysis (PCA) and the device type is identified by training weights using BLS. The experimental results show that the proposed method can achieve state-of-the-art accuracy and spend less training time than other existing methods.
关键词 :
Broad learning system Broad learning system Class imbalance Class imbalance Device fingerprint Device fingerprint Traffic analysis Traffic analysis Access authentication Access authentication
引用:
复制并粘贴一种已设定好的引用格式,或利用其中一个链接导入到文献管理软件中。
| GB/T 7714 | Zhang, Yu , Gong, Bei , Wang, Qian . BLS-identification: A device fingerprint classification mechanism based on broad learning for Internet of Things [J]. | DIGITAL COMMUNICATIONS AND NETWORKS , 2024 , 10 (2) : 728-739 . |
| MLA | Zhang, Yu et al. "BLS-identification: A device fingerprint classification mechanism based on broad learning for Internet of Things" . | DIGITAL COMMUNICATIONS AND NETWORKS 10 . 2 (2024) : 728-739 . |
| APA | Zhang, Yu , Gong, Bei , Wang, Qian . BLS-identification: A device fingerprint classification mechanism based on broad learning for Internet of Things . | DIGITAL COMMUNICATIONS AND NETWORKS , 2024 , 10 (2) , 728-739 . |
| 导入链接 | NoteExpress RIS BibTex |
摘要 :
本发明提供一种基于预言机的边缘计算跨链算力交易方法。边缘计算将计算资源带到了网络边缘,满足了许多新兴应用对高效算力的需求。联盟链实现了不可信的交易者之间的可信算力交易。现有的大多数研究忽略了区块链之间的算力交易,这大大降低了算力的利用率。本发明设计了一种基于预言机的跨链算力交易框架。预言机作为连接区块链的中介,确保可信的跨链交易。本发明提出了一种基于预言机的算力交易机制,实现可信的链上和跨链算力交易。本发明通过效用函数综合地表示了交易者的利润、时延和能量消耗,并建立了双层Stackelberg博弈,以实现买卖双方的公平效用平衡。本发明证明了纳什均衡的存在性,并利用差分进化算法得到了最优解。
引用:
复制并粘贴一种已设定好的引用格式,或利用其中一个链接导入到文献管理软件中。
| GB/T 7714 | 公备 , 朱光卓 , 王茜 . 一种基于预言机的边缘计算跨链算力交易方法 : CN202310635360.8[P]. | 2023-05-31 . |
| MLA | 公备 et al. "一种基于预言机的边缘计算跨链算力交易方法" : CN202310635360.8. | 2023-05-31 . |
| APA | 公备 , 朱光卓 , 王茜 . 一种基于预言机的边缘计算跨链算力交易方法 : CN202310635360.8. | 2023-05-31 . |
| 导入链接 | NoteExpress RIS BibTex |
导出
| 数据: |
选中 到 |
| 格式: |
