-
A proposal to increase data utility on Global Differential Privacy data based on data use predictions
Authors:
Henry C. Nunes,
Marlon P. da Silva,
Charles V. Neu,
Avelino F. Zorzo
Abstract:
This paper presents ongoing research focused on improving the utility of data protected by Global Differential Privacy(DP) in the scenario of summary statistics. Our approach is based on predictions on how an analyst will use statistics released under DP protection, so that a developer can optimise data utility on further usage of the data in the privacy budget allocation. This novel approach can…
▽ More
This paper presents ongoing research focused on improving the utility of data protected by Global Differential Privacy(DP) in the scenario of summary statistics. Our approach is based on predictions on how an analyst will use statistics released under DP protection, so that a developer can optimise data utility on further usage of the data in the privacy budget allocation. This novel approach can potentially improve the utility of data without compromising privacy constraints. We also propose a metric that can be used by the developer to optimise the budget allocation process.
△ Less
Submitted 12 January, 2024;
originally announced January 2024.
-
Impact of using a privacy model on smart buildings data for CO2 prediction
Authors:
Marlon P. da Silva,
Henry C. Nunes,
Charles V. Neu,
Luana T. Thomas,
Avelino F. Zorzo,
Charles Morisset
Abstract:
There is a constant trade-off between the utility of the data collected and processed by the many systems forming the Internet of Things (IoT) revolution and the privacy concerns of the users living in the spaces hosting these sensors. Privacy models, such as the SITA (Spatial, Identity, Temporal, and Activity) model, can help address this trade-off. In this paper, we focus on the problem of…
▽ More
There is a constant trade-off between the utility of the data collected and processed by the many systems forming the Internet of Things (IoT) revolution and the privacy concerns of the users living in the spaces hosting these sensors. Privacy models, such as the SITA (Spatial, Identity, Temporal, and Activity) model, can help address this trade-off. In this paper, we focus on the problem of $CO_2$ prediction, which is crucial for health monitoring but can be used to monitor occupancy, which might reveal some private information. We apply a number of transformations on a real dataset from a Smart Building to simulate different SITA configurations on the collected data. We use the transformed data with multiple Machine Learning (ML) techniques to analyse the performance of the models to predict $CO_{2}$ levels. Our results show that, for different algorithms, different SITA configurations do not make one algorithm perform better or worse than others, compared to the baseline data; also, in our experiments, the temporal dimension was particularly sensitive, with scores decreasing up to $18.9\%$ between the original and the transformed data. The results can be useful to show the effect of different levels of data privacy on the data utility of IoT applications, and can also help to identify which parameters are more relevant for those systems so that higher privacy settings can be adopted while data utility is still preserved.
△ Less
Submitted 1 June, 2023;
originally announced June 2023.
-
Impact of consensus on appendable-block blockchain for IoT
Authors:
Roben C. Lunardi,
Regio A. Michelin,
Charles V. Neu,
Avelino F. Zorzo,
Salil S. Kanhere
Abstract:
The Internet of Things (IoT) is transforming our physical world into a complex and dynamic system of connected devices on an unprecedented scale. Connecting everyday physical objects is creating new business models, improving processes and reducing costs and risks. Recently, blockchain technology has received a lot of attention from the community as a possible solution to overcome security issues…
▽ More
The Internet of Things (IoT) is transforming our physical world into a complex and dynamic system of connected devices on an unprecedented scale. Connecting everyday physical objects is creating new business models, improving processes and reducing costs and risks. Recently, blockchain technology has received a lot of attention from the community as a possible solution to overcome security issues in IoT. However, traditional blockchains (such as the ones used in Bitcoin and Ethereum) are not well suited to the resource-constrained nature of IoT devices and also with the large volume of information that is expected to be generated from typical IoT deployments. To overcome these issues, several researchers have presented lightweight instances of blockchains tailored for IoT. For example, proposing novel data structures based on blocks with decoupled and appendable data. However, these researchers did not discuss how the consensus algorithm would impact their solutions, i.e., the decision of which consensus algorithm would be better suited was left as an open issue. In this paper, we improved an appendable-block blockchain framework to support different consensus algorithms through a modular design. We evaluated the performance of this improved version in different emulated scenarios and studied the impact of varying the number of devices and transactions and employing different consensus algorithms. Even adopting different consensus algorithms, results indicate that the latency to append a new block is less than 161ms (in the more demanding scenario) and the delay for processing a new transaction is less than 7ms, suggesting that our improved version of the appendable-block blockchain is efficient and scalable, and thus well suited for IoT scenarios.
△ Less
Submitted 22 December, 2019;
originally announced December 2019.
-
Pentest on an Internet Mobile App: A Case Study using Tramonto
Authors:
Daniel Dalalana Bertoglio,
Guilherme Girotto,
Charles Varlei Neu,
Roben Castagna Lunardi,
and Avelino Francisco Zorzo
Abstract:
Mobile applications are used to handle different types of data. Commonly, there is a set of personal identifiable information present in the data stored, shared and used by these applications. From that, attackers can try to exploit the mobile application in order to obtain or to cause private data leakage. Therefore, performing security assessments is an important practice to find vulnerabilities…
▽ More
Mobile applications are used to handle different types of data. Commonly, there is a set of personal identifiable information present in the data stored, shared and used by these applications. From that, attackers can try to exploit the mobile application in order to obtain or to cause private data leakage. Therefore, performing security assessments is an important practice to find vulnerabilities in the applications and systems before the application is deployed, or even during their use. Regarding security assessments, Penetration Test (Pentest) is one of the security test types that can be used to detect vulnerabilities through simulated attacks. Additionally, Pentest can be performed using different methodologies and best practices, through several frameworks to: organize the test execution, execute tools, provide estimations, provide reports and document a Pentest. One such framework is Tramonto, which aims to assist a cybersecurity expert during the Pentest execution by providing organization, standardization and flexibility to the whole Pentest process. This paper presents a Pentest case study applied to a Brazilian university Mobile App using the Tramonto framework. The main goal of this case study is to present how Tramonto can be applied during a Pentest execution, assisting cybersecurity experts in the tasks included in the Pentest process. Our results show details on how to perform a Pentest using Tramonto and the found vulnerabilities in the Mobile App. Besides that, there is a discussion about the main contributions obtained from our results, and we were able to verify that Tramonto managed, organized and optimized the whole Pentest process.
△ Less
Submitted 20 December, 2019;
originally announced December 2019.
-
Performance and Cost Evaluation of Smart Contracts in Collaborative Health Care Environments
Authors:
Roben Castagna Lunardi,
Henry Cabral Nunes,
Vinicius da Silva Branco,
Bruno Hugentobler Lipper,
Charles Varlei Neu,
Avelino Francisco Zorzo
Abstract:
Blockchain emerged as a solution for data integrity, non-repudiation, and availability in different applications. Data sensitive scenarios, such as Health Care, can also benefit from these blockchain properties. Consequently, different research proposed the adoption of blockchain in Health Care applications. However, few are discussed about incentive methods to attract new users, as well as to mot…
▽ More
Blockchain emerged as a solution for data integrity, non-repudiation, and availability in different applications. Data sensitive scenarios, such as Health Care, can also benefit from these blockchain properties. Consequently, different research proposed the adoption of blockchain in Health Care applications. However, few are discussed about incentive methods to attract new users, as well as to motivate the system or application usage by existing end-users. Also, little is discussed about performance during code execution in blockchains. In order to tackle these issues, this work presents the preliminary evaluation of TokenHealth, an application for collaborative health practice monitoring with gamification and token-based incentives. The proposed solution is implemented through smart contracts using Solidity in the Ethereum blockchain. We evaluated the performance of both in Ropsten test network and in a Private instance. The preliminary results show that the execution of smart contracts takes less than a minute for a full cycle of different smart contracts. Also, we present a discussion about costs for using a Private instance and the public Ethereum main network.
△ Less
Submitted 20 December, 2019;
originally announced December 2019.