-
Among existing privacy-preserving approaches, Differential Privacy (DP) is a
powerful tool that can provide privacy-preserving noisy query answers over
statistical databases and has been widely adopted in many practical fields. In
particular, as a privacy mechanism of DP, Randomized Aggregatable
Privacy-Preserving Ordinal Response (RAPPOR) provides strong privacy,
efficiency, and high-utility guarantees for each client string in data
crowdsourcing. However, in the Internet of Things (IoT), such as the smart grid,
data are often processed in batches. Therefore, a new randomized response
algorithm that supports batch processing tends to be more efficient and more
suitable for IoT applications than existing randomized response algorithms. In
this paper, we propose a new randomized response algorithm that achieves
differential-privacy and utility guarantees for consumers' behaviors and
processes a batch of data at each time. First, by applying sparse coding in
this algorithm, a behavior signature dictionary is created from the aggregated
energy consumption data in the fog. Then, we add noise to the behavior signature
dictionary by classical randomized response techniques and achieve
differential privacy after data re-aggregation. Through security analysis
based on the principle of differential privacy and experimental verification,
we find that our algorithm can preserve consumers' privacy without compromising
utility.
-
The advances of cloud computing, fog computing and Internet of Things (IoT)
make the industries more prosperous than ever. A wide range of industrial
systems such as transportation systems and manufacturing systems have been
developed by integrating cloud computing, fog computing and IoT successfully.
Security and privacy issues are a major concern that hinders the wide adoption
of these novel techniques. In this paper, we focus on assured data deletion, an
issue which is important but has received little attention in academia and
industry. We first propose a framework to integrate the cloud, the fog and the
things together to manage the stored data from industries or individuals. We then
together to manage the stored data from industries or individuals. We then
focus on secure data deletion in this framework by proposing an assured data
deletion scheme which fulfills fine-grained access control over sensitive data
and verifiable data deletion. Only the data owners and the fog devices are
involved when deleting a data key and validating the data deletion, which makes
the protocol practical due to the features of low latency and real-time
interaction of fog computing. The proposed protocol takes advantage of
attribute-based encryption and is provably secure under the standard model. The
theoretical analysis shows the good performance and functionality requirements
while the implementation results demonstrate the feasibility of our proposal.
-
Driven by the primary requirement of emerging 5G mobile services, the demand
for concurrent multipath transfer (CMT) is still prominent. Yet, multipath
transport protocols are not widely adopted and TCP-based CMT schemes will still
be in dominant position in 5G. However, the performance of TCP flow transferred
over multiple heterogeneous paths is prone to the link quality asymmetry, the
extent of which was revealed to be significant by our field investigation. In
this paper, we present a performance analysis model for TCP over multiple
heterogeneous paths in 5G scenarios, where both bandwidth and delay asymmetry
are taken into consideration. The evaluation adopting parameters from field
investigation shows that the proposed model can achieve high accuracy in
practical environments. Some interesting inferences can be drawn from the
proposed model, such as the dominant factor that affects the performance of TCP
over heterogeneous networks, and the criteria for determining the appropriate
number of links to be used under different circumstances of path heterogeneity.
Thus, the proposed model can provide guidance for the design of TCP-based CMT
solutions for 5G mobile services.
-
This paper focuses on the routing algorithm for communications between
vehicles and places in urban VANETs. As one of the basic transportation
facilities in an urban setting, buses periodically run along their fixed routes
and widely cover city streets. The trajectories of bus lines can be seen as a
sub-map of a city. Based on the characteristics of bus networks, we propose a
bus trajectory-based street-centric routing algorithm (BTSC), which uses buses
as the main relays to deliver messages. In BTSC, we build a routing graph based
on the trajectories of bus lines by analyzing the probability of a bus
appearing on every street. We propose two novel concepts, i.e. the probability
of street consistency (PSC) and the probability of path consistency (PPC),
which are used as metrics to determine routing paths for message delivery. This
aims to choose the best path with a higher density of buses and a lower
probability of the transmission direction deviating from the routing path. In
order to improve the bus forwarding opportunity, we design a bus-based
forwarding strategy with ant colony optimization (FACO) to find a reliable and
steady multi-hop link between two relay buses in order to decrease end-to-end
delay. BTSC makes improvements in both the selection of the routing path and
the strategy of message forwarding. Simulation results show that our proposed
routing algorithm has better performance in transmission ratio, transmission
delay and adaptability to different networks.
-
With the ever growing diversity of devices and applications that will be
connected to 5G networks, flexible and agile service orchestration with
acknowledged QoE that satisfies end-user's functional and QoS requirements is
necessary. SDN (Software-Defined Networking) and NFV (Network Function
Virtualization) are considered key enabling technologies for 5G core networks.
In this regard, this paper proposes a reinforcement learning based
QoS/QoE-aware Service Function Chaining (SFC) in SDN/NFV-enabled 5G slices.
First, it implements a lightweight QoS information collector based on LLDP,
which works in a piggyback fashion on the southbound interface of the SDN
controller, to enable QoS-awareness. Then, a DQN (Deep Q Network) based agent
framework is designed to support SFC in the context of NFV. The agent takes
into account the QoE and QoS as key aspects to formulate the reward so that it
is expected to maximize QoE while respecting QoS constraints. The experiment
results show that this framework exhibits good performance in QoE provisioning
and QoS requirements maintenance for SFC in dynamic network environments.
-
Recent advances in Socially Aware Networks (SANs) have allowed their use in
many domains, out of which social Internet of vehicles (SIOV) is of prime
importance. SANs can provide a promising routing and forwarding paradigm for
SIOV by using interest-based communication. Though able to improve the
forwarding performance, existing interest-based schemes fail to consider the
important issue of protecting users' interest information. In this paper, we
propose a PRivacy-preserving Interest-based Forwarding scheme (PRIF) for SIOV,
which not only protects the interest information, but also improves the
forwarding performance. We propose a privacy-preserving authentication protocol
to recognize communities among mobile nodes. During data routing and
forwarding, a node can know others' interests only if they are affiliated with
the same community. Moreover, to improve forwarding performance, a new metric
called community energy is introduced to indicate vehicular social proximity.
Community energy is generated when two nodes encounter one another and
information is shared among them. PRIF considers this energy metric to select
forwarders towards the destination node or the destination community. Security
analysis indicates PRIF can protect nodes' interest information. In addition,
extensive simulations have been conducted to demonstrate that PRIF outperforms
the existing algorithms including the BEEINFO, Epidemic, and PRoPHET.
-
To facilitate monitoring and management, modern Implantable Medical Devices
(IMDs) are often equipped with wireless capabilities, which raise the risk of
malicious access to IMDs. Although schemes are proposed to secure the IMD
access, some issues are still open. First, pre-sharing a long-term key between
a patient's IMD and a doctor's programmer is vulnerable since once the doctor's
programmer is compromised, all of her patients suffer; establishing a temporary
key by leveraging proximity gets rid of pre-shared keys, but as the approach
lacks real authentication, it can be exploited by nearby adversaries or through
man-in-the-middle attacks. Second, while prolonging the lifetime of IMDs is one
of the most important design goals, few schemes try to lower the
communication and computation overhead all at once. Finally, how to safely
record the commands issued by doctors for the purpose of forensics, which can
be the last measure to protect the patients' rights, is commonly omitted in the
existing literature. Motivated by these important yet open problems, we propose
an innovative scheme e-SAFE, which significantly improves security and safety,
reduces the communication overhead and enables IMD-access forensics. We present
a novel lightweight compressive sensing based encryption algorithm to encrypt
and compress the IMD data simultaneously, reducing the data transmission
overhead by over 50% while ensuring high data confidentiality and usability.
Furthermore, we provide a suite of protocols regarding device pairing,
dual-factor authentication, and accountability-enabled access. The security
analysis and performance evaluation show the validity and efficiency of the
proposed scheme.
-
Cloud-assisted Cognitive Internet of Things has powerful data analytics
abilities based on the computing and data storage capabilities of cloud virtual
machines, which makes protecting the virtual machine filesystem very important
for the security of the whole system. Agentless periodic filesystem monitors
are optimal solutions to protect cloud virtual machines because of their secure
and low-overhead features. However, most periodic monitors scan all of the
virtual machine filesystem or all protected files in every scanning poll, so
many secure files are scanned again and again even though they are not
corrupted. In this paper, we propose a novel agentless periodic filesystem
monitor framework for virtual machines with different image formats to improve
the performance of agentless periodic monitors. Our core idea is to minimize
the scope of the scanning files in both file integrity checking and virus
detection. In our monitor, if a file is considered secure, it will not be
scanned when it has not been modified. Since our monitor only scans the newly
created and modified files, it can check fewer files than other filesystem
monitors. To that end, we propose two monitor methods for different types of
virtual machine disks to reduce the number of scanned files. For a virtual
machine with a single disk image, we hook the backend driver to capture the
disk modification information. For a virtual machine with multiple
copy-on-write images, we leverage the copy-on-write feature of QCOW2 images to
achieve the
disk modification analysis. In addition, our system can restore and remove the
corrupted files. The experimental results show that our system is effective for
both Windows and Linux virtual machines with different image formats and can
reduce the number of scanning files and scanning time.
-
Recently, the IaaS (Infrastructure as a Service) Cloud (e.g., Amazon EC2) has
been widely used by many organizations. However, some IaaS security issues
create serious threats to its users. A typical issue is the timing channel.
This kind of channel can be a cross-VM information channel, as proven by many
researchers. Because it is covert and traceless, traditional identification
methods cannot build an accurate analysis model and thus obtain only a
compromised result. We investigated the underlying behavior of the timing
channel from the
perspective of the memory activity records and summarized the signature of the
timing channel in the underlying memory activities. An identification method
based on long-term behavior signatures was proposed. We proposed a complete set
of forensics steps including evidence extraction, identification, record
reserve, and evidence reports. We studied four typical timing channels, and the
experiments showed that these channels can be detected and investigated, even
with disturbances from normal processes.
-
The burgeoning technology of Mobile Edge Computing (MEC) is attracting
traditional LBS and LS to deploy on it due to its inherent characteristics such
as low latency and location awareness. Although this transplant avoids the
location privacy threat from the central cloud provider, privacy concerns still
exist in the LS of the MEC scenario. The location privacy threat arises during
the procedure of fingerprint localization, and previous studies on location
privacy are ineffective because of the different threat model and information
semantics. To address location privacy in the MEC environment, we designed
LoPEC, a novel and effective scheme for protecting the location privacy of MEC
devices. By properly modeling the RAN access points, we propose a
noise-addition method for the fingerprint data that successfully prevents the
attacker from recognizing the real location. Our evaluation proves that LoPEC
effectively prevents the attacker from obtaining the user's location precisely
in both single-point and trajectory scenarios.
-
Android-based devices like smartphones have become ideal mobile
cyber-physical systems (MCPS) due to their powerful processors and variety of
sensors. In recent years, an explosively and continuously growing number of
malicious applications (malapps) have posed a great threat to Android-based
MCPS as well as users' privacy. The effective detection of malapps is an
emerging yet crucial task. How to establish relationships among malapps,
discover their potential communities, and explore their evolution process has
become a challenging issue in effective detection of malapps. To deal with this
issue, in this work, we are motivated to propose an automated community
detection method for Android malapps by building a relation graph based on
their static features. First, we construct a large feature set to profile the
behaviors of malapps. Second, we propose an E-N algorithm combining the
epsilon graph and the k-nearest neighbor (k-NN) graph for graph construction.
It solves the problem of an incomplete graph caused by the epsilon method and
the problem of noise generated by the k-NN graph. Finally, a community
detection method, Infomap, is
employed to explore the underlying structures of the relation graph, and obtain
the communities of malapps. We evaluate our community detection method with
3996 malapp samples. Extensive experimental results show that our method
outperforms the traditional clustering methods and achieves the best
performance with a Rand statistic of 94.93% and accuracy of 79.53%.
-
Fog computing, a non-trivial extension of cloud computing to the edge of the
network, has great advantage in providing services with a lower latency. In
smart grid, the application of fog computing can greatly facilitate the
collection of consumers' fine-grained energy consumption data, which can then
be used to draw the load curve and develop a plan or model for power
generation. However, such data may also reveal customers' daily activities.
Non-intrusive load monitoring (NILM) can monitor an electrical circuit that
powers a number of appliances switching on and off independently. If an
adversary analyzes the meter readings together with the data measured by an
NILM device, the customer's privacy will be disclosed. In this paper, we
propose an effective privacy-preserving scheme for electric load monitoring,
which can guarantee differential privacy of data disclosure in smart grid. In
the proposed scheme, an energy consumption behavior model based on Factorial
Hidden Markov Model (FHMM) is established. In addition, noise is added to the
behavior parameter, which is different from the traditional methods that
usually add noise to the energy consumption data. The analysis shows that the
proposed scheme can get a better trade-off between utility and privacy compared
with other popular methods.
-
In recent years, with the continuous development of big data
industrialization, trajectory data have more and more critical analytical value
for urban construction and environmental monitoring. However, trajectories
contain a lot of personal privacy, and rashly publishing a trajectory data set
causes a serious risk of privacy leakage. At present, the privacy protection of
trajectory data mainly uses methods of data anonymity and generalization, which
do not consider the background knowledge of attackers and ignore the risk that
adjacent location points may leak sensitive location points. In this paper,
based on the above problems and combined with the location correlation of
trajectory data, we propose a plausible replacement method. First, the
correlation of trajectory points is proposed to classify the individual
trajectories containing sensitive points. Then, according to the relevance of
location points and the randomized response mechanism, a reasonable candidate
set is selected to replace the sensitive points in the trajectory to satisfy
the local differential privacy. Theoretical and experimental results show that
the proposed method not only protects the sensitive information of individuals,
but also does not affect the overall data distribution.
-
Recently, with the rapid development of big data, Internet of Things (IoT)
brings more and more intelligent and convenient services to people's daily
lives. Mobile healthcare crowd sensing (MHCS), as a typical application of IoT,
is becoming an effective approach to provide various medical and healthcare
services to individuals or organizations. However, MHCS still has to face
different security challenges in practice, for example, how to quickly and
effectively authenticate masses of bio-information uploaded by IoT terminals
without revealing the owners' sensitive information. Therefore, we propose a
large-scale concurrent data anonymous batch verification scheme for MHCS based
on an improved certificateless aggregate signature. The proposed scheme can
authenticate all sensing bio-information at once in a privacy preserving way.
The individual data generated by different users can be verified in batch,
while the actual identity of participants is hidden. Moreover, assuming the
intractability of CDHP, our scheme is proved to be secure. Finally, the
performance evaluation shows that the proposed scheme is suitable for MHCS, due
to its high efficiency.
-
Millimeter wave (mmWave) communication is one of the most promising
technologies in fifth generation (5G) mobile networks due to its access to a
large amount of available spectrum resources. Despite the theoretical potential
of a high data rate, there are still several key technical challenges with
using mmWave in mobile networks, such as severe pathloss, high penetration
loss, narrow beamwidth, etc. Hence, accurate and reliable knowledge of mmWave
channel propagation characteristics is essential for developing 5G wireless
communication systems. In this article, the fundamental characteristics of
mmWave are first presented. Then, two main channel modeling methods are
discussed. Finally, in order to investigate the channel characteristics at the
mmWave band, measurement campaigns using three different large-scale array
topologies are carried out and the typical channel parameters are extracted and
analyzed.
-
The 5G Internet of Vehicles has become a new paradigm alongside the growing
popularity and variety of computation-intensive applications with high
requirements for computational resources and analysis capabilities. Existing
network architectures and resource management mechanisms may not sufficiently
guarantee satisfactory Quality of Experience and network efficiency, mainly
suffering from coverage limitation of Road Side Units, insufficient resources,
and unsatisfactory computational capabilities of onboard equipment, frequently
changing network topology, and ineffective resource management schemes. To meet
the demands of such applications, in this article, we first propose a novel
architecture by integrating the satellite network with 5G cloud-enabled
Internet of Vehicles to efficiently support seamless coverage and global
resource management. An incentive-mechanism-based joint optimization problem of
opportunistic computation offloading under delay and cost constraints is
established under the aforementioned framework, in which a vehicular user can
either significantly reduce the application completion time by offloading
workloads to several nearby vehicles through opportunistic vehicle-to-vehicle
channels while effectively controlling the cost or protect its own profit by
providing compensated computing service. As the optimization problem is
non-convex and NP-hard, simulated annealing based on the Markov Chain Monte
Carlo as well as the Metropolis algorithm is applied to solve the optimization
problem, which can efficaciously obtain both high-quality and cost-effective
approximations of global optimal solutions. The effectiveness of the proposed
mechanism is corroborated through simulation results.
-
Collecting users' location and trajectory information, which contains rich
personal privacy, in mobile social networks has become easier for attackers.
Network traffic control is an important network system which can solve some
security and privacy problems. In this paper, we consider a network traffic
control system as a trusted third party and use differential privacy for
protecting more personal trajectory data. We studied the influence of the high
dimensionality and sparsity of trajectory data sets based on the availability
of the published results. Based on similarity point aggregation reconstruction
ideas and a prefix tree model, we proposed a hybrid publishing method of
differential privacy spatiotemporal trajectory data sets APTB.
-
Localization of the target object for data retrieval is a key issue in
Intelligent and Connected Transportation Systems (ICTS). However, due to the
lack of intelligence in the traditional transportation system, it can take
tremendous resources to manually retrieve and locate the queried objects among
a large number of images. To solve this issue, we propose an effective method
for query-based object localization that uses artificial intelligence
techniques to automatically locate the queried object in a complex background.
The presented method is termed the Fine-grained and Progressive Attention
Localization Network (FPAN), which uses an image and a queried object
as input to accurately locate the target object in the image. Specifically, the
fine-grained attention module is naturally embedded into each layer of the
convolution neural network (CNN), thereby gradually suppressing the regions
that are irrelevant to the queried object and eventually shrinking attention to
the target area. We further employ a top-down attention fusion algorithm
operated by a learnable cascade up-sampling structure to establish the
connection between the attention map and the exact location of the queried
object in the original image. Furthermore, the FPAN is trained by multi-task
learning with box segmentation loss and cosine loss. At last, we conduct
comprehensive experiments on both queried-based digit localization and object
tracking with synthetic and benchmark datasets, respectively. The experimental
results show that our algorithm is far superior to other algorithms on the
synthetic datasets and outperforms most existing trackers on the OTB and VOT
datasets.
-
In recent years, cognitive Internet of Things (CIoT) has received
considerable attention because it can extract valuable information from various
Internet of Things (IoT) devices. In CIoT, truth discovery plays an important
role in identifying truthful values from large scale data to help CIoT provide
deeper insights and value from collected information. However, the privacy
concerns of IoT devices pose a major challenge in designing truth discovery
approaches. Although existing schemes of truth discovery can be executed with
strong privacy guarantees, they are not efficient or cannot be applied in
real-life CIoT applications. This article proposes a novel framework for
lightweight and privacy-preserving truth discovery called LPTD-I, which is
implemented by incorporating fog and cloud platforms, and adopting the
homomorphic Paillier encryption and one-way hash chain techniques. This scheme
not only protects devices' privacy, but also achieves high efficiency.
Moreover, we introduce a fault tolerant (LPTD-II) framework which can
effectively overcome malfunctioning CIoT devices. Detailed security analysis
indicates the proposed schemes are secure under a comprehensively designed
threat model. Experimental simulations are also carried out to demonstrate the
efficiency of the proposed schemes.
-
Implantable medical devices (IMDs), including pacemakers, implanted cardiac
defibrillators and neurostimulators, are medical devices implanted into patients'
bodies via surgery and are capable of monitoring patient's conditions and
delivering therapy. They often have built-in radio modules to support data
reading and parameters reconfiguration according to the commands from external
programmers. The lack of a secure authentication mechanism exposes patients to
cyber attacks over the air and threatens patients' lives. Physically Obfuscated
Keys (POKs) are a special means for storing the secret key inside the
integrated circuit. In this paper, we design an effective authentication system
for IMDs by utilizing POKs. The dynamic authentication and access control
scheme is based on some secure pre-shared keys, which are protected by the
POKs. We evaluate the proposed scheme with detailed security analysis and
implement it on a prototype testbed to demonstrate its lightweight feature.
-
With the rapid development of health equipment, more and more patients have
had implantable medical devices (IMDs) installed in their bodies for
diagnostic, monitoring, and therapeutic purposes. IMDs are extremely limited in
computation power and battery capacity. Meanwhile, IMDs have to communicate
with an external programmer device (i.e., IMD programmer) through a wireless
channel, which puts them at risk of unauthorized access and malicious
wireless attacks. In this paper, we propose a proxy-based fine-grained access
control scheme for IMDs, which can prolong the IMD's lifetime by delegating the
access control computations to the proxy device (e.g., smartphone). In our
scheme, the proxy communicates with the IMD programmer through an audio cable,
which is resistant to a number of wireless attacks. Additionally, we use the
ciphertext-policy attribute-based encryption (CP-ABE) to enforce fine-grained
access control. The proposed scheme is implemented on real emulator devices and
evaluated through experimental tests. The experiments show that the proposed
scheme is lightweight and effective.
-
The Internet of Things (IoT) has become increasingly popular in people's
daily lives. The pervasive IoT devices are encouraged to share data with each
other in order to better serve the users. However, users are reluctant to share
sensitive data due to privacy concerns. In this paper, we study the anonymous
data aggregation for the IoT system, in which the IoT company servers, though
not fully trustworthy, are used to assist the aggregation. We propose an
efficient and accountable aggregation scheme that can preserve the data
anonymity. We analyze the communication and computation overheads of the
proposed scheme, and evaluate the total execution time and the per-user
communication overhead with extensive simulations. The results show that our
scheme is more efficient than the previous peer-shuffle protocol, especially
for data aggregation from multiple providers.
-
Mobile edge computing usually uses cache to support multimedia contents in 5G
mobile Internet to reduce the computing overhead and latency. Mobile edge
caching (MEC) systems are vulnerable to various attacks such as denial of
service attacks and rogue edge attacks. This article investigates the attack
models in MEC systems, focusing on both the mobile offloading and the caching
procedures. In this paper, we propose security solutions that apply
reinforcement learning (RL) techniques to provide secure offloading to the edge
nodes against jamming attacks. We also present light-weight authentication and
secure collaborative caching schemes to protect data privacy. We evaluate the
performance of the RL-based security solution for mobile edge caching and
discuss the challenges that need to be addressed in the future.
-
Network Function Virtualization (NFV) has the potential to significantly
reduce the capital and operating expenses, shorten product release cycle, and
improve service agility. In this paper, we focus on minimizing the total number
of Virtual Network Function (VNF) instances to provide a specific service
(possibly at different locations) to all the flows in a network. Certain
network security and analytics applications may allow fractional processing of
a flow at different nodes (corresponding to datacenters), giving an opportunity
for greater optimization of resources. Through a reduction from the set cover
problem, we show that this problem is NP-hard and cannot even be approximated
within a factor of (1 - o(1)) ln(m) (where m is the number of flows) unless
P=NP. Then, we design two simple greedy algorithms and prove that they achieve
an approximation ratio of (1 - o(1)) ln(m) + 2, which is asymptotically
optimal. For special cases where each node hosts multiple VNF instances (which
is typically true in practice), we also show that our greedy algorithms have a
constant approximation ratio. Further, for tree topologies we develop an
optimal greedy algorithm by exploiting the inherent topological structure.
Finally, we conduct extensive numerical experiments to evaluate the performance
of our proposed algorithms in various scenarios.