entropy-logo

Journal Browser

Journal Browser

Information Security and Privacy: From IoT to IoV

A special issue of Entropy (ISSN 1099-4300). This special issue belongs to the section "Information Theory, Probability and Statistics".

Deadline for manuscript submissions: closed (31 August 2023) | Viewed by 23558

Special Issue Editors


E-Mail Website
Guest Editor
School of Computing, Edinburgh Napier University, Edinburgh EH10 5DT, UK
Interests: cryptography; blockchain; cybersecurity; information society
Special Issues, Collections and Topics in MDPI journals

E-Mail Website
Guest Editor
Department of Computer Science, Kansas State University, Manhattan, KS 66506, USA
Interests: artificial intelligence; computer vision; parallel computing; embedded systems; secure and trustworthy systems
Special Issues, Collections and Topics in MDPI journals

Special Issue Information

Dear Colleagues,

We see many issues related to the implementation of digital infrastructures, and these are often caused when security and privacy are afterthoughts. Increasingly, there is a drive to create systems which are secure by design  and also focus on privacy by design. At the core of this is the integration of digital trust at each level, from electronic circuits up to the high-level integration of data. An important element of this is the integration of the citizen and the respect for the privacy of their data. The fast expansion of cyberattacks means it is crucial to share cyber threat intelligence (CTI) for the early detection of threats and to enable quick defence against them. One can automatically extract low-level cyber threat behaviours from publicly accessible CTI sources to support quick defensive decision making. To analyse text in the cybersecurity field, researchers can apply the metrics of entropy and mutual information from information theory, and novel schemes can be proposed. This Special Issue thus focuses on the key areas of privacy, resilience, trust, entropy and mutual information. Key areas include:

  • Privacy-respecting systems. This includes research related to the investigation of privacy-respecting methods that can be used to preserve the rights of citizens to privacy, whilst enabling areas such as machine learning, data analytics and cybersecurity.
  • Trust, privacy and resilience with smart cities. This includes research related to the integration of people, devices and systems into a smart city environment. Areas may include the IoV (Internet of Vehicles), trust with IoT infrastructures, and the cyber-reliance of smart cites.
  • Citizen identity and rights in digital governance. This includes models of integrating self-sovereign identities into the IoT, IoV and/or smart city environments.
  • Hardware-based security. This Special Issue also solicits research that aims to leverage hardware-based security solutions to build security into the silicon and thus provide a hardware root of trust. These hardware-based security solutions include but are not limited to physically unclonable functions, true random number generators, hardware metering, digital watermarking, hardware Trojan detection, countermeasures against side-channel attacks and hardware implementation of cryptographic functions.
  • Artificial intelligence (AI) safety and security. Due to burgeoning revolution of AI, AI has proliferated in almost every domain, ranging from smart cities, agriculture, defence and transportation systems to healthcare. Although AI has also been used to assist and develop some security solutions, such as intrusion detection systems, AI itself is vulnerable to security attacks, often referred to as adversarial examples. This Special Issue also solicits research related to all aspects of AI safety and security ranging from finding vulnerabilities in AI systems to developing approaches for mitigating attacks on AI systems.
  • Lightweight encryption. The goal of a lightweight encryption system is to enable security for devices with limited resources by using less memory, less computational power and less energy. This Special Issue invites researchers and academics to submit papers in the area of privacy-respecting systems, lightweight encryption and hardware-based security.
  • Cyber documents and CTI reports. One can use cyber documents for the calculation of entropy and mutual information, etc. These calculated values can be used in CTI, and novel strategies can be proposed.

Prof. Dr. Bill William Buchanan
Dr. Arslan Munir
Dr. Jawad Ahmad
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Entropy is an international peer-reviewed open access monthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2600 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • cryptography
  • blockchain
  • hardware-based security
  • artificial intelligence, computer vision
  • chaos
  • image encryption
  • cyber threat intelligence
  • information theory
  • entropy

Related Special Issue

Published Papers (15 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

13 pages, 2070 KiB  
Article
Physical Layer Security: Channel Sounding Results for the Multi-Antenna Wiretap Channel
by Daniel Harman, Karl Knapp, Tyler Sweat, Philip Lundrigan, Michael Rice and Willie Harrison
Entropy 2023, 25(10), 1397; https://doi.org/10.3390/e25101397 - 29 Sep 2023
Viewed by 649
Abstract
Many physical-layer security works in the literature rely on purely theoretical work or simulated results to establish the value of physical-layer security in securing communications. We consider the secrecy capacity of a wireless Gaussian wiretap channel using channel sounding measurements to analyze the [...] Read more.
Many physical-layer security works in the literature rely on purely theoretical work or simulated results to establish the value of physical-layer security in securing communications. We consider the secrecy capacity of a wireless Gaussian wiretap channel using channel sounding measurements to analyze the potential for secure communication in a real-world scenario. A multi-input, multi-output, multi-eavesdropper (MIMOME) system is deployed using orthogonal frequency division multiplexing (OFDM) over an 802.11n wireless network. Channel state information (CSI) measurements were taken in an indoor environment to analyze time-varying scenarios and spatial variations. It is shown that secrecy capacity is highly affected by environmental changes, such as foot traffic, network congestion, and propagation characteristics of the physical environment. We also present a numerical method for calculating MIMOME secrecy capacity in general and comment on the use of OFDM with regard to calculating secrecy capacity. Full article
(This article belongs to the Special Issue Information Security and Privacy: From IoT to IoV)
Show Figures

Figure 1

14 pages, 366 KiB  
Article
Secure Ring Signature Scheme for Privacy-Preserving Blockchain
by Lin Wang, Changgen Peng and Weijie Tan
Entropy 2023, 25(9), 1334; https://doi.org/10.3390/e25091334 - 14 Sep 2023
Viewed by 1319
Abstract
Blockchain integrates peer-to-peer networks, distributed consensus, smart contracts, cryptography, etc. It has the unique advantages of weak centralization, anti-tampering, traceability, openness, transparency, etc., and is widely used in various fields, e.g., finance and healthcare. However, due to its open and transparent nature, attackers [...] Read more.
Blockchain integrates peer-to-peer networks, distributed consensus, smart contracts, cryptography, etc. It has the unique advantages of weak centralization, anti-tampering, traceability, openness, transparency, etc., and is widely used in various fields, e.g., finance and healthcare. However, due to its open and transparent nature, attackers can analyze the ledger information through clustering techniques to correlate the identities between anonymous and real users in the blockchain system, posing a serious risk of privacy leakage. The ring signature is one of the digital signatures that achieves the unconditional anonymity of the signer. Therefore, by leveraging Distributed Key Generation (DKG) and Elliptic Curve Cryptography (ECC), a blockchain-enabled secure ring signature scheme is proposed. Under the same security parameters, the signature constructed on ECC has higher security in comparison to the schemes using bilinear pairing. In addition, the system master key is generated by using the distributed key agreement, which avoids the traditional method of relying on a trusted third authorizer (TA) to distribute the key and prevents the key leakage when the TA is not authentic or suffers from malicious attacks. Moreover, the performance analysis showed the feasibility of the proposed scheme while the security was ensured. Full article
(This article belongs to the Special Issue Information Security and Privacy: From IoT to IoV)
Show Figures

Figure 1

15 pages, 343 KiB  
Article
Quality of Security Guarantees for and with Physical Unclonable Functions and Biometric Secrecy Systems
by Onur Günlü, Rafael F. Schaefer and H. Vincent Poor
Entropy 2023, 25(8), 1243; https://doi.org/10.3390/e25081243 - 21 Aug 2023
Viewed by 928
Abstract
Unique digital circuit outputs, considered as physical unclonable function (PUF) circuit outputs, can facilitate a secure and reliable secret key agreement. To tackle noise and high correlations between the PUF circuit outputs, transform coding methods combined with scalar quantizers are typically applied to [...] Read more.
Unique digital circuit outputs, considered as physical unclonable function (PUF) circuit outputs, can facilitate a secure and reliable secret key agreement. To tackle noise and high correlations between the PUF circuit outputs, transform coding methods combined with scalar quantizers are typically applied to extract the uncorrelated bit sequences reliably. In this paper, we create realistic models for these transformed outputs by fitting truncated distributions to them. We also show that the state-of-the-art models are inadequate to guarantee a target reliability level for all PUF outputs, which also means that secrecy cannot be guaranteed. Therefore, we introduce a quality of security parameter to control the percentage of the PUF circuit outputs for which a target security level can be guaranteed. By applying the finite-length information theory results to a public ring oscillator output dataset, we illustrate that security guarantees can be provided for each bit extracted from any PUF device by eliminating only a small subset of PUF circuit outputs. Furthermore, we conversely show that it is not possible to provide reliability or security guarantees without eliminating any PUF circuit output. Our holistic methods and analyses can be applied to any PUF type, as well as any biometric secrecy system, with continuous-valued outputs to extract secret keys with low hardware complexity. Full article
(This article belongs to the Special Issue Information Security and Privacy: From IoT to IoV)
Show Figures

Figure 1

25 pages, 515 KiB  
Article
A Lightweight Trust Mechanism with Attack Detection for IoT
by Xujie Zhou, Jinchuan Tang, Shuping Dang and Gaojie Chen
Entropy 2023, 25(8), 1198; https://doi.org/10.3390/e25081198 - 11 Aug 2023
Viewed by 864
Abstract
In this paper, we propose a lightweight and adaptable trust mechanism for the issue of trust evaluation among Internet of Things devices, considering challenges such as limited device resources and trust attacks. Firstly, we propose a trust evaluation approach based on Bayesian statistics [...] Read more.
In this paper, we propose a lightweight and adaptable trust mechanism for the issue of trust evaluation among Internet of Things devices, considering challenges such as limited device resources and trust attacks. Firstly, we propose a trust evaluation approach based on Bayesian statistics and Jøsang’s belief model to quantify a device’s trustworthiness, where evaluators can freely initialize and update trust data with feedback from multiple sources, avoiding the bias of a single message source. It balances the accuracy of estimations and algorithm complexity. Secondly, considering that a trust estimation should reflect a device’s latest status, we propose a forgetting algorithm to ensure that trust estimations can sensitively perceive changes in device status. Compared with conventional methods, it can automatically set its parameters to gain good performance. Finally, to prevent trust attacks from misleading evaluators, we propose a tango algorithm to curb trust attacks and a hypothesis testing-based trust attack detection mechanism. We corroborate the proposed trust mechanism’s performance with simulation, whose results indicate that even if challenged by many colluding attackers that can exploit different trust attacks in combination, it can produce relatively accurate trust estimations, gradually exclude attackers, and quickly restore trust estimations for normal devices. Full article
(This article belongs to the Special Issue Information Security and Privacy: From IoT to IoV)
Show Figures

Figure 1

15 pages, 1776 KiB  
Article
A Lightweight CP-ABE Scheme with Direct Attribute Revocation for Vehicular Ad Hoc Network
by Yilong Liu, Shengwei Xu and Ziyan Yue
Entropy 2023, 25(7), 979; https://doi.org/10.3390/e25070979 - 25 Jun 2023
Viewed by 1114
Abstract
Ciphertext-Policy Attribute-Based Encryption (CP-ABE) technology provides a new solution to address the security and fine-grained access control of traffic information in vehicular ad hoc networks (VANETs). However, in most CP-ABE schemes for VANETs, attribute revocation suffers from high system consumption and complex revocation [...] Read more.
Ciphertext-Policy Attribute-Based Encryption (CP-ABE) technology provides a new solution to address the security and fine-grained access control of traffic information in vehicular ad hoc networks (VANETs). However, in most CP-ABE schemes for VANETs, attribute revocation suffers from high system consumption and complex revocation operations, as well as from high computational overhead and low efficiency due to the use of bilinear pairwise operations. Based on this, this paper proposes a lightweight CP-ABE scheme that supports direct attribute revocation in VANETs. The scheme implements an agent-based direct attribute revocation mechanism by separating dynamic and static attributes of vehicle terminals, which reduces system consumption and simplifies the revocation operation process. The scheme uses scalar multiplication on elliptic curves instead of bilinear pairing operations and uses computational outsourcing techniques to reduce the terminal decryption cost and improve the efficiency of the scheme. The security and performance analysis shows that the overall efficiency of our scheme is better than the existing schemes under the premise of ensuring data confidentiality and integrity. Full article
(This article belongs to the Special Issue Information Security and Privacy: From IoT to IoV)
Show Figures

Figure 1

22 pages, 5885 KiB  
Article
A Framework for Analyzing Fraud Risk Warning and Interference Effects by Fusing Multivariate Heterogeneous Data: A Bayesian Belief Network
by Mianning Hu, Xin Li, Mingfeng Li, Rongchen Zhu and Binzhou Si
Entropy 2023, 25(6), 892; https://doi.org/10.3390/e25060892 - 02 Jun 2023
Cited by 1 | Viewed by 1531
Abstract
In the construction of a telecom-fraud risk warning and intervention-effect prediction model, how to apply multivariate heterogeneous data to the front-end prevention and management of telecommunication network fraud has become one of the focuses of this research. The Bayesian network-based fraud risk warning [...] Read more.
In the construction of a telecom-fraud risk warning and intervention-effect prediction model, how to apply multivariate heterogeneous data to the front-end prevention and management of telecommunication network fraud has become one of the focuses of this research. The Bayesian network-based fraud risk warning and intervention model was designed by taking into account existing data accumulation, the related literature, and expert knowledge. The initial structure of the model was improved by utilizing City S as an application example, and a telecom-fraud analysis and warning framework was proposed by incorporating telecom-fraud mapping. After the evaluation in this paper, the model shows that age has a maximum sensitivity of 13.5% to telecom-fraud losses; anti-fraud propaganda can reduce the probability of losses above 300,000 yuan by 2%; and the overall telecom-fraud losses show that more occur in the summer and less occur in the autumn, and that the Double 11 period and other special time points are prominent. The model in this paper has good application value in the real-world field, and the analysis of the early warning framework can provide decision support for the police and the community to identify the groups, locations, and spatial and temporal environments prone to fraud, to combat propaganda and provide a timely warning to stop losses. Full article
(This article belongs to the Special Issue Information Security and Privacy: From IoT to IoV)
Show Figures

Figure 1

17 pages, 838 KiB  
Article
Attribute-Based Verifiable Conditional Proxy Re-Encryption Scheme
by Yongli Tang, Minglu Jin, Hui Meng, Li Yang and Chengfu Zheng
Entropy 2023, 25(5), 822; https://doi.org/10.3390/e25050822 - 19 May 2023
Viewed by 1293
Abstract
There are mostly semi-honest agents in cloud computing, so agents may perform unreliable calculations during the actual execution process. In this paper, an attribute-based verifiable conditional proxy re-encryption (AB-VCPRE) scheme using a homomorphic signature is proposed to solve the problem that the current [...] Read more.
There are mostly semi-honest agents in cloud computing, so agents may perform unreliable calculations during the actual execution process. In this paper, an attribute-based verifiable conditional proxy re-encryption (AB-VCPRE) scheme using a homomorphic signature is proposed to solve the problem that the current attribute-based conditional proxy re-encryption (AB-CPRE) algorithm cannot detect the illegal behavior of the agent. The scheme implements robustness, that is the re-encryption ciphertext, can be verified by the verification server, showing that the received ciphertext is correctly converted by the agent from the original ciphertext, thus, meaning that illegal activities of agents can be effectively detected. In addition, the article demonstrates the reliability of the constructed AB-VCPRE scheme validation in the standard model, and proves that the scheme satisfies CPA security in the selective security model based on the learning with errors (LWE) assumption. Full article
(This article belongs to the Special Issue Information Security and Privacy: From IoT to IoV)
Show Figures

Figure 1

21 pages, 1363 KiB  
Article
Personalized Privacy Assistant: Identity Construction and Privacy in the Internet of Things
by Kai-Chih Chang and Suzanne Barber
Entropy 2023, 25(5), 717; https://doi.org/10.3390/e25050717 - 26 Apr 2023
Cited by 3 | Viewed by 1213
Abstract
Over time, the many different ways in which we collect and use data have become more complex as we communicate and interact with an ever-increasing variety of modern technologies. Although people often say they care about their privacy, they do not have a [...] Read more.
Over time, the many different ways in which we collect and use data have become more complex as we communicate and interact with an ever-increasing variety of modern technologies. Although people often say they care about their privacy, they do not have a deep understanding of what devices around them are collecting their identity information, what identity information is being collected, and how that collected data will affect them. This research is dedicated to developing a personalized privacy assistant to help users regain control, understand their own identity management, and process and simplify the large amount of information from the Internet of Things (IoT). This research constructs an empirical study to obtain the comprehensive list of identity attributes that are being collected by IoT devices. We build a statistical model to simulate the identity theft and to help calculate the privacy risk score based on the identity attributes collected by IoT devices. We discuss how well each feature of our Personal Privacy Assistant (PPA) works and compare the PPA and related work to a list of fundamental features for privacy protection. Full article
(This article belongs to the Special Issue Information Security and Privacy: From IoT to IoV)
Show Figures

Figure 1

19 pages, 949 KiB  
Article
Online/Offline MA-CP-ABE with Cryptographic Reverse Firewalls for IoT
by Juyan Li, Ye Fan, Xuefen Bian and Qi Yuan
Entropy 2023, 25(4), 616; https://doi.org/10.3390/e25040616 - 04 Apr 2023
Cited by 5 | Viewed by 1637
Abstract
Devices in the Internet of Things (IoT) usually use cloud storage and cloud computing to save storage and computing cost. Therefore, the efficient realization of one-to-many communication of data on the premise of ensuring the security of cloud storage data is a challenge. [...] Read more.
Devices in the Internet of Things (IoT) usually use cloud storage and cloud computing to save storage and computing cost. Therefore, the efficient realization of one-to-many communication of data on the premise of ensuring the security of cloud storage data is a challenge. Ciphertext-Policy Attribute-Based Encryption (CP-ABE) can not only protect the security of data in the cloud and achieve one-to-many communication but also achieve fine-grained access control for data. However, the single-authority CP-ABE faces the crisis of single point of failure. In order to improve security, the Multi-Authority CP-ABE (MA-CP-ABE) is adopted. Although there are provably-secure MA-CP-ABE schemes, Edward Snowden’s research shows that provably-secure cryptographic schemes are vulnerable to backdoor attacks, resulting in secret disclosure, and thus threatening security. In addition, ABE requires huge computational overhead in key generation, encryption and decryption, which increase with the increase in the number of attributes and the complexity of the access structure, and there are a large number of resource-constrained devices in the IoT. To mitigate this issue, we construct the Online/Offline MA-CP-ABE with Cryptographic Reverse Firewalls (OO-MA-CP-ABE-CRFs) scheme. This scheme not only uses Cryptographic Reverse Firewall (CRF) to resist backdoor attacks but also uses online/offline key generation, online/offline encryption and outsourcing encryption technology to optimize the efficiency of the MA-CP-ABE scheme with reverse firewall, reducing the storage and computing cost of users. Finally, the security of the OO-MA-CP-ABE-CRFs scheme is proved, and the experimental results indicate that the scheme is efficient and practical. Full article
(This article belongs to the Special Issue Information Security and Privacy: From IoT to IoV)
Show Figures

Figure 1

26 pages, 2581 KiB  
Article
RNNCon: Contribution Coverage Testing for Stacked Recurrent Neural Networks
by Xiaoli Du, Hongwei Zeng, Shengbo Chen and Zhou Lei
Entropy 2023, 25(3), 520; https://doi.org/10.3390/e25030520 - 17 Mar 2023
Viewed by 1366
Abstract
Recurrent Neural Networks (RNNs) are applied in safety-critical fields such as autonomous driving, aircraft collision detection, and smart credit. They are highly susceptible to input perturbations, but little research on RNN-oriented testing techniques has been conducted, leaving a threat to a large number [...] Read more.
Recurrent Neural Networks (RNNs) are applied in safety-critical fields such as autonomous driving, aircraft collision detection, and smart credit. They are highly susceptible to input perturbations, but little research on RNN-oriented testing techniques has been conducted, leaving a threat to a large number of sequential application domains. To address these gaps, improve the test adequacy of RNNs, find more defects, and improve the performance of RNNs models and their robustness to input perturbations. We aim to propose a test coverage metric for the underlying structure of RNNs, which is used to guide the generation of test inputs to test RNNs. Although coverage metrics have been proposed for RNNs, such as the hidden state coverage in RNN-Test, they ignore the fact that the underlying structure of RNNs is still a fully connected neural network but with an additional “delayer” that records the network state at the time of data input. We use the contributions, i.e., the combination of the outputs of neurons and the weights they emit, as the minimum computational unit of RNNs to explore the finer-grained logical structure inside the recurrent cells. Compared to existing coverage metrics, our research covers the decision mechanism of RNNs in more detail and is more likely to generate more adversarial samples and discover more flaws in the model. In this paper, we redefine the contribution coverage metric applicable to Stacked LSTMs and Stacked GRUs by considering the joint effect of neurons and weights in the underlying structure of the neural network. We propose a new coverage metric, RNNCon, which can be used to guide the generation of adversarial test inputs. And we design and implement a test framework prototype RNNCon-Test. 2 datasets, 4 LSTM models, and 4 GRU models are used to verify the effectiveness of RNNCon-Test. Compared to the current state-of-the-art study RNN-Test, RNNCon can cover a deeper decision logic of RNNs. RNNCon-Test is not only effective in identifying defects in Deep Learning (DL) systems but also in improving the performance of the model if the adversarial inputs generated by RNNCon-Test are filtered and added to the training set to retrain the model. In the case where the accuracy of the model is already high, RNNCon-Test is still able to improve the accuracy of the model by up to 0.45%. Full article
(This article belongs to the Special Issue Information Security and Privacy: From IoT to IoV)
Show Figures

Figure 1

23 pages, 1189 KiB  
Article
An Efficient Virtual Machine Consolidation Algorithm for Cloud Computing
by Ling Yuan, Zhenjiang Wang, Ping Sun and Yinzhen Wei
Entropy 2023, 25(2), 351; https://doi.org/10.3390/e25020351 - 14 Feb 2023
Cited by 2 | Viewed by 1404
Abstract
With the rapid development of integration in blockchain and IoT, virtual machine consolidation (VMC) has become a heated topic because it can effectively improve the energy efficiency and service quality of cloud computing in the blockchain. The current VMC algorithm is not effective [...] Read more.
With the rapid development of integration in blockchain and IoT, virtual machine consolidation (VMC) has become a heated topic because it can effectively improve the energy efficiency and service quality of cloud computing in the blockchain. The current VMC algorithm is not effective enough because it does not regard the load of the virtual machine (VM) as an analyzed time series. Therefore, we proposed a VMC algorithm based on load forecast to improve efficiency. First, we proposed a migration VM selection strategy based on load increment prediction called LIP. Combined with the current load and load increment, this strategy can effectively improve the accuracy of selecting VM from the overloaded physical machines (PMs). Then, we proposed a VM migration point selection strategy based on the load sequence prediction called SIR. We merged VMs with complementary load series into the same PM, effectively improving the stability of the PM load, thereby reducing the service level agreement violation (SLAV) and the number of VM migrations due to the resource competition of the PM. Finally, we proposed a better virtual machine consolidation (VMC) algorithm based on the load prediction of LIP and SIR. The experimental results show that our VMC algorithm can effectively improve energy efficiency. Full article
(This article belongs to the Special Issue Information Security and Privacy: From IoT to IoV)
Show Figures

Figure 1

12 pages, 295 KiB  
Article
A Novel Linkable Ring Signature on Ideal Lattices
by Chengtang Cao, Lin You and Gengran Hu
Entropy 2023, 25(2), 237; https://doi.org/10.3390/e25020237 - 28 Jan 2023
Viewed by 1148
Abstract
In this paper, a novel linkable ring signature scheme is constructed. The hash value of the public key in the ring and the signer’s private key are based on random numbers. This setting makes it unnecessary to set the linkable label separately for [...] Read more.
In this paper, a novel linkable ring signature scheme is constructed. The hash value of the public key in the ring and the signer’s private key are based on random numbers. This setting makes it unnecessary to set the linkable label separately for our constructed scheme. When judging the linkability, it is necessary to determine whether the number of the intersections of the two sets reaches the threshold related to the number of the ring members. In addition, under the random oracle model, the unforgeability is reduced to the SVPγ problem. The anonymity is proved based on the definition of statistical distance and its properties. Full article
(This article belongs to the Special Issue Information Security and Privacy: From IoT to IoV)
13 pages, 1265 KiB  
Article
A Textual Backdoor Defense Method Based on Deep Feature Classification
by Kun Shao, Junan Yang, Pengjiang Hu and Xiaoshuai Li
Entropy 2023, 25(2), 220; https://doi.org/10.3390/e25020220 - 23 Jan 2023
Viewed by 1259
Abstract
Natural language processing (NLP) models based on deep neural networks (DNNs) are vulnerable to backdoor attacks. Existing backdoor defense methods have limited effectiveness and coverage scenarios. We propose a textual backdoor defense method based on deep feature classification. The method includes deep feature [...] Read more.
Natural language processing (NLP) models based on deep neural networks (DNNs) are vulnerable to backdoor attacks. Existing backdoor defense methods have limited effectiveness and coverage scenarios. We propose a textual backdoor defense method based on deep feature classification. The method includes deep feature extraction and classifier construction. The method exploits the distinguishability of deep features of poisoned data and benign data. Backdoor defense is implemented in both offline and online scenarios. We conducted defense experiments on two datasets and two models for a variety of backdoor attacks. The experimental results demonstrate the effectiveness of this defense approach and outperform the baseline defense method. Full article
(This article belongs to the Special Issue Information Security and Privacy: From IoT to IoV)
Show Figures

Figure 1

32 pages, 97596 KiB  
Article
Trusted Threat Intelligence Sharing in Practice and Performance Benchmarking through the Hyperledger Fabric Platform
by Hisham Ali, Jawad Ahmad, Zakwan Jaroucheh, Pavlos Papadopoulos, Nikolaos Pitropakis, Owen Lo, Will Abramson and William J. Buchanan
Entropy 2022, 24(10), 1379; https://doi.org/10.3390/e24101379 - 28 Sep 2022
Cited by 3 | Viewed by 2972
Abstract
Historically, threat information sharing has relied on manual modelling and centralised network systems, which can be inefficient, insecure, and prone to errors. Alternatively, private blockchains are now widely used to address these issues and improve overall organisational security. An organisation’s vulnerabilities to attacks [...] Read more.
Historically, threat information sharing has relied on manual modelling and centralised network systems, which can be inefficient, insecure, and prone to errors. Alternatively, private blockchains are now widely used to address these issues and improve overall organisational security. An organisation’s vulnerabilities to attacks might change over time. It is utterly important to find a balance among a current threat, the potential countermeasures, their consequences and costs, and the estimation of the overall risk that this provides to the organisation. For enhancing organisational security and automation, applying threat intelligence technology is critical for detecting, classifying, analysing, and sharing new cyberattack tactics. Trusted partner organisations can then share newly identified threats to improve their defensive capabilities against unknown attacks. On this basis, organisations can help reduce the risk of a cyberattack by providing access to past and current cybersecurity events through blockchain smart contracts and the Interplanetary File System (IPFS). The suggested combination of technologies can make organisational systems more reliable and secure, improving system automation and data quality. This paper outlines a privacy-preserving mechanism for threat information sharing in a trusted way. It proposes a reliable and secure architecture for data automation, quality, and traceability based on the Hyperledger Fabric private-permissioned distributed ledger technology and the MITRE ATT&CK threat intelligence framework. This methodology can also be applied to combat intellectual property theft and industrial espionage. Full article
(This article belongs to the Special Issue Information Security and Privacy: From IoT to IoV)
Show Figures

Figure 1

25 pages, 16402 KiB  
Article
A Lightweight Image Encryption Algorithm Based on Chaotic Map and Random Substitution
by Yousef Alghamdi, Arslan Munir and Jawad Ahmad
Entropy 2022, 24(10), 1344; https://doi.org/10.3390/e24101344 - 23 Sep 2022
Cited by 25 | Viewed by 2364
Abstract
Chaotic-maps-based image encryption methods have been a topic of research interest for a decade. However, most of the proposed methods suffer from slow encryption time or compromise on the security of the encryption to achieve faster encryption. This paper proposes a lightweight, secure, [...] Read more.
Chaotic-maps-based image encryption methods have been a topic of research interest for a decade. However, most of the proposed methods suffer from slow encryption time or compromise on the security of the encryption to achieve faster encryption. This paper proposes a lightweight, secure, and efficient image encryption algorithm based on logistic map, permutations, and AES S-box. In the proposed algorithm, SHA-2 based on the plaintext image, a pre-shared key, and an initialization vector (IV) are used to generate the initial parameters for the logistic map. The logistic map chaotically generates random numbers, which are then used for the permutations and substitutions. The security, quality, and efficiency of the proposed algorithm are tested and analyzed using a number of metrics, such as correlation coefficient, chi-square, entropy, mean square error, mean absolute error, peak signal-to-noise ratio, maximum deviation, irregular deviation, deviation from uniform histogram, number of pixel change rate, unified average changing intensity, resistance to noise and data loss attacks, homogeneity, contrast, energy, and key space and key sensitivity analysis. Experimental results reveal that the proposed algorithm is up to 15.33× faster compared to other contemporary encryption methods. Full article
(This article belongs to the Special Issue Information Security and Privacy: From IoT to IoV)
Show Figures

Figure 1

Back to TopTop