-
VFLGAN: Vertical Federated Learning-based Generative Adversarial Network for Vertically Partitioned Data Publication
Authors:
Xun Yuan,
Yang Yang,
Prosanta Gope,
Aryan Pasikhani,
Biplab Sikdar
Abstract:
In the current artificial intelligence (AI) era, the scale and quality of the dataset play a crucial role in training a high-quality AI model. However, good data is not a free lunch and is always hard to access due to privacy regulations like the General Data Protection Regulation (GDPR). A potential solution is to release a synthetic dataset with a similar distribution to that of the private dataset. Nevertheless, in some scenarios, it has been found that the attributes needed to train an AI model belong to different parties, and they cannot share the raw data for synthetic data publication due to privacy regulations. In PETS 2023, Xue et al. proposed the first generative adversary network-based model, VertiGAN, for vertically partitioned data publication. However, after thoroughly investigating, we found that VertiGAN is less effective in preserving the correlation among the attributes of different parties. This article proposes a Vertical Federated Learning-based Generative Adversarial Network, VFLGAN, for vertically partitioned data publication to address the above issues. Our experimental results show that compared with VertiGAN, VFLGAN significantly improves the quality of synthetic data. Taking the MNIST dataset as an example, the quality of the synthetic dataset generated by VFLGAN is 3.2 times better than that generated by VertiGAN w.r.t. the Fréchet Distance. We also designed a more efficient and effective Gaussian mechanism for the proposed VFLGAN to provide the synthetic dataset with a differential privacy guarantee. On the other hand, differential privacy only gives the upper bound of the worst-case privacy guarantee. This article also proposes a practical auditing scheme that applies membership inference attacks to estimate privacy leakage through the synthetic dataset.
Submitted 15 April, 2024;
originally announced April 2024.
-
PhenoAuth: A Novel PUF-Phenotype-based Authentication Protocol for IoT Devices
Authors:
Hongming Fei,
Owen Millwood,
Gope Prosanta,
Jack Miskelly,
Biplab Sikdar
Abstract:
Physical Unclonable Functions (PUFs) have been shown to be a highly promising solution for enabling high security systems tailored for low-power devices. Commonly, PUFs are utilised to generate cryptographic keys on-the-fly, replacing the need to store keys in vulnerable, non-volatile memories. Due to the physical nature of PUFs, environmental variations cause noise, manifesting themselves as errors which are apparent in the initial PUF measurements. This necessitates expensive active error correction techniques which can run counter to the goal of lightweight security. ML-based techniques for authenticating noisy PUF measurements were explored as an alternative to error correction techniques, bringing about the concept of a PUF Phenotype, where PUF identity is considered as a structure agnostic representation of the PUF, with relevant noise encoding. This work proposes a full noise-tolerant authentication protocol based on the PUF Phenotype concept and methodology for an Internet-of-Things (IoT) network, demonstrating mutual authentication and forward secrecy in a setting suitable for device-to-device communication. Upon conducting security and performance analyses, it is evident that our proposed scheme demonstrates resilience against various attacks compared to the currently existing PUF protocols.
Submitted 6 March, 2024;
originally announced March 2024.
-
Privacy-Preserving Collaborative Split Learning Framework for Smart Grid Load Forecasting
Authors:
Asif Iqbal,
Prosanta Gope,
Biplab Sikdar
Abstract:
Accurate load forecasting is crucial for energy management, infrastructure planning, and demand-supply balancing. Smart meter data availability has led to the demand for sensor-based load forecasting. Conventional ML allows training a single global model using data from multiple smart meters requiring data transfer to a central server, raising concerns for network requirements, privacy, and security. We propose a split learning-based framework for load forecasting to alleviate this issue. We split a deep neural network model into two parts, one for each Grid Station (GS) responsible for an entire neighbourhood's smart meters and the other for the Service Provider (SP). Instead of sharing their data, client smart meters use their respective GSs' model split for forward pass and only share their activations with the GS. Under this framework, each GS is responsible for training a personalized model split for their respective neighbourhoods, whereas the SP can train a single global or personalized model for each GS. Experiments show that the proposed models match or exceed a centrally trained model's performance and generalize well. Privacy is analyzed by assessing information leakage between data and shared activations of the GS model split. Additionally, differential privacy enhances local data privacy while examining its impact on performance. A transformer model is used as our base learner.
Submitted 12 March, 2024; v1 submitted 3 March, 2024;
originally announced March 2024.
-
Attacking Delay-based PUFs with Minimal Adversary Model
Authors:
Hongming Fei,
Owen Millwood,
Prosanta Gope,
Jack Miskelly,
Biplab Sikdar
Abstract:
Physically Unclonable Functions (PUFs) provide a streamlined solution for lightweight device authentication. Delay-based Arbiter PUFs, with their ease of implementation and vast challenge space, have received significant attention; however, they are not immune to modelling attacks that exploit correlations between their inputs and outputs. Research is therefore polarized between developing modelling-resistant PUFs and devising machine learning attacks against them. This dichotomy often results in exaggerated concerns and overconfidence in PUF security, primarily because there lacks a universal tool to gauge a PUF's security. In many scenarios, attacks require additional information, such as PUF type or configuration parameters. Alarmingly, new PUFs are often branded 'secure' if they lack a specific attack model upon introduction. To impartially assess the security of delay-based PUFs, we present a generic framework featuring a Mixture-of-PUF-Experts (MoPE) structure for mounting attacks on various PUFs with minimal adversarial knowledge, which provides a way to compare their performance fairly and impartially. We demonstrate the capability of our model to attack different PUF types, including the first successful attack on Heterogeneous Feed-Forward PUFs using only a reasonable amount of challenges and responses. We propose an extension version of our model, a Multi-gate Mixture-of-PUF-Experts (MMoPE) structure, facilitating multi-task learning across diverse PUFs to recognise commonalities across PUF designs. This allows a streamlining of training periods for attacking multiple PUFs simultaneously. We conclude by showcasing the potent performance of MoPE and MMoPE across a spectrum of PUF types, employing simulated, real-world unbiased, and biased data sets for analysis.
Submitted 1 March, 2024;
originally announced March 2024.
-
AIDPS: Adaptive Intrusion Detection and Prevention System for Underwater Acoustic Sensor Networks
Authors:
Soumadeep Das,
Aryan Mohammadi Pasikhani,
Prosanta Gope,
John A. Clark,
Chintan Patel,
Biplab Sikdar
Abstract:
Underwater Acoustic Sensor Networks (UW-ASNs) are predominantly used for underwater environments and find applications in many areas. However, a lack of security considerations, the unstable and challenging nature of the underwater environment, and the resource-constrained nature of the sensor nodes used for UW-ASNs (which makes them incapable of adopting security primitives) make the UW-ASN prone to vulnerabilities. This paper proposes an Adaptive decentralised Intrusion Detection and Prevention System called AIDPS for UW-ASNs. The proposed AIDPS can improve the security of the UW-ASNs so that they can efficiently detect underwater-related attacks (e.g., blackhole, grayhole and flooding attacks). To determine the most effective configuration of the proposed construction, we conduct a number of experiments using several state-of-the-art machine learning algorithms (e.g., Adaptive Random Forest (ARF), light gradient-boosting machine, and K-nearest neighbours) and concept drift detection algorithms (e.g., ADWIN, kdqTree, and Page-Hinkley). Our experimental results show that incremental ARF using ADWIN provides optimal performance when implemented with One-class support vector machine (SVM) anomaly-based detectors. Furthermore, our extensive evaluation results also show that the proposed scheme outperforms state-of-the-art bench-marking methods while providing a wider range of desirable features such as scalability and complexity.
Submitted 14 September, 2023;
originally announced September 2023.
-
A Novel DDPM-based Ensemble Approach for Energy Theft Detection in Smart Grids
Authors:
Xun Yuan,
Yang Yang,
Asif Iqbal,
Prosanta Gope,
Biplab Sikdar
Abstract:
Energy theft, characterized by manipulating energy consumption readings to reduce payments, poses a dual threat, causing financial losses for grid operators and undermining the performance of smart grids. Effective Energy Theft Detection (ETD) methods become crucial in mitigating these risks by identifying such fraudulent activities in their early stages. However, the majority of current ETD methods rely on supervised learning, which is hindered by the difficulty of labelling data and the risk of overfitting known attacks. To address these challenges, several unsupervised ETD methods have been proposed, focusing on learning the normal patterns from honest users, specifically the reconstruction of input. However, our investigation reveals a limitation in current unsupervised ETD methods, as they can only detect anomalous behaviours in users exhibiting regular patterns. Users with high-variance behaviours pose a challenge to these methods. In response, this paper introduces a Denoising Diffusion Probabilistic Model (DDPM)-based ETD approach. This innovative approach demonstrates impressive ETD performance on high-variance smart grid data by incorporating additional attributes correlated with energy consumption. The proposed methods improve the average ETD performance on high-variance smart grid data from below 0.5 to over 0.9 w.r.t. AUC. On the other hand, our experimental findings indicate that while the state-of-the-art ETD methods based on reconstruction error can identify ETD attacks for the majority of users, they prove ineffective in detecting attacks for certain users. To address this, we propose a novel ensemble approach that considers both reconstruction error and forecasting error, enhancing the robustness of the ETD methodology. The proposed ensemble method improves the average ETD performance on the stealthiest attacks from nearly 0 to 0.5 w.r.t. 5%-TPR.
Submitted 13 January, 2024; v1 submitted 30 July, 2023;
originally announced July 2023.
-
E-Tenon: An Efficient Privacy-Preserving Secure Open Data Sharing Scheme for EHR System
Authors:
Zhihui Lin,
Prosanta Gope,
Jianting Ning,
Biplab Sikdar
Abstract:
The transition from paper-based information to Electronic-Health-Records (EHRs) has driven various advancements in the modern healthcare-industry. In many cases, patients need to share their EHR with healthcare professionals. Given the sensitive and security-critical nature of EHRs, it is essential to consider the security and privacy issues of storing and sharing EHR. However, existing security solutions excessively encrypt the whole database, thus requiring the entire database to be decrypted for each access request, which is a time-consuming process. On the other hand, the use of EHR for medical research (e.g., development of precision-medicine, diagnostics-techniques), as well as optimisation of practices in healthcare organisations, requires the EHR to be analysed, and for that, they should be easily accessible without compromising the privacy of the patient. In this paper, we propose an efficient technique called E-Tenon that not only securely keeps all EHR publicly accessible but also provides the desirable security features. To the best of our knowledge, this is the first work in which an Open Database is used for protecting EHR. The proposed E-Tenon empowers patients to securely share their EHR under multi-level, fine-grained access policies defined by themselves. Analyses show that our system outperforms existing solutions in terms of computational-complexity.
Submitted 12 July, 2022;
originally announced July 2022.
-
Decentralized Identifier-based Privacy-preserving Authenticated Key Exchange Protocol for Electric Vehicle Charging in Smart Grid
Authors:
Rohini Poolat Parameswarath,
Prosanta Gope,
Biplab Sikdar
Abstract:
The popularity of Electric Vehicles (EVs) has been rising across the globe in recent years. Smart grids will be the backbone for EV charging and enable efficient consumption of electricity by the EVs. With the demand for EVs, associated cyber threats are also increasing. Users expose their personal information while charging their EVs, leading to privacy threats. This paper proposes a user-empowered, privacy-aware authenticated key exchange protocol for EV charging in smart grid. The proposed protocol is based on the concept of Decentralized Identifier (DID) and Verifiable Credentials (VCs). The use of DIDs empowers users by helping them to have complete control over their identities. The charging station and the user verify that the other party is legitimate before proceeding with the charging services using VC. Key recovery is another issue we address in this paper. A method to recover lost keys is incorporated into the proposed protocol. We present formal security proof and informal analysis to show the protocol's robustness against several attacks. We also provide a detailed performance analysis to show that the proposed protocol is efficient.
Submitted 27 June, 2022;
originally announced June 2022.
-
Delay and Power consumption Analysis for Queue State Dependent Service Rate Control in WirelessHart System
Authors:
Dibyajyoti Guha,
Jie Chen,
Abhijit Dutta Banik,
Biplab Sikdar
Abstract:
To solve the problem of power supply limitation of machines working in wireless industry automation, we evaluated the workload aware service rate control design implanted in the medium access control component of these small devices and proposed a bio-intelligence based algorithm to optimise the design regarding the delay constraint while minimizing power consumption. To achieve this, we provide an accurate analysis of the delay cost of this design and for the first time pinpoint an exact departure process model in order to evaluate the overall delay cost in consideration of the medium access time.
Submitted 10 February, 2021;
originally announced March 2021.
-
Analysis and synthesis of nonlinear reversible cellular automata in linear time
Authors:
Sukanta Das,
Biplab K Sikdar
Abstract:
Cellular automata (CA) have been found as an attractive modeling tool for various applications, such as, pattern recognition, image processing, data compression, encryption, and specially for VLSI design & test. For such applications, mostly a special class of CA, called as linear/additive CA, have been utilized. Since linear/additive CA refer a limited number of candidate CA, while searching for solution to a problem, the best result may not be expected. The nonlinear CA can be a better alternative to linear/additive CA for achieving desired solutions in different applications. However, the nonlinear CA are yet to be characterized to fit the design for modeling an application. This work targets characterization of the nonlinear CA to utilize the huge search space of nonlinear CA while developing applications in VLSI domain. An analytical framework is developed to explore the properties of CA rules. The characterization is directed to deal with the reversibility, as the reversible CA are primarily targeted for VLSI applications. The reported characterization enables us to design two algorithms of linear time complexities -- one for identification and another for synthesis of nonlinear reversible CA. Finally, the CA rules are classified into 6 classes for developing further efficient synthesis algorithm.
Submitted 27 November, 2013;
originally announced November 2013.