-
A Novel Endorsement Protocol to Secure BFT-Based Consensus in Permissionless Blockchain
Authors:
Ziqiang Xu,
Ahmad Salehi Shahraki,
Naveen Chilamkurti
Abstract:
Permissionless blockchain technology offers numerous potential benefits for decentralised applications, such as security, transparency, and openness. BFT-based consensus mechanisms are widely adopted in the permissioned blockchain to meet the high scalability requirements of the network. Sybil attacks are one of the most potential threats when applying BFT-based consensus mechanisms in permissionless blockchain due to the lack of effective verification mechanisms for participants' identities. This paper presents a novel endorsement-based bootstrapping protocol with a signature algorithm that offers a streamlined, scalable identity endorsement and verification process. This approach effectively safeguards the BFT-based consensus mechanism against Sybil attacks. Using our proposed method, we have conducted thorough security analyses and simulation experiments to assess security, robustness, and scalability advantages in large-scale networks. Our results demonstrate that the scheme can effectively address the identity verification challenges when applying BFT-based consensus in a permissionless blockchain.
Submitted 3 May, 2024;
originally announced May 2024.
-
Enhancing Accuracy-Privacy Trade-off in Differentially Private Split Learning
Authors:
Ngoc Duy Pham,
Khoa Tran Phan,
Naveen Chilamkurti
Abstract:
Split learning (SL) aims to protect user data privacy by distributing deep models between client-server and keeping private data locally. Only processed or 'smashed' data can be transmitted from the clients to the server during the SL process. However, recently proposed model inversion attacks can recover the original data from the smashed data. In order to enhance privacy protection against such attacks, a strategy is to adopt differential privacy (DP), which involves safeguarding the smashed data at the expense of some accuracy loss. This paper presents the first investigation into the impact on accuracy when training multiple clients in SL with various privacy requirements. Subsequently, we propose an approach that reviews the DP noise distributions of other clients during client training to address the identified accuracy degradation. We also examine the application of DP to the local model of SL to gain insights into the trade-off between accuracy and privacy. Specifically, findings reveal that introducing noise in the later local layers offers the most favorable balance between accuracy and privacy. Drawing from our insights in the shallower layers, we propose an approach to reduce the size of smashed data to minimize data leakage while maintaining higher accuracy, optimizing the accuracy-privacy trade-off. Additionally, a smaller size of smashed data reduces communication overhead on the client side, mitigating one of the notable drawbacks of SL. Experiments with popular datasets demonstrate that our proposed approaches provide an optimal trade-off for incorporating DP into SL, ultimately enhancing training accuracy for multi-client SL with varying privacy requirements.
Submitted 22 October, 2023;
originally announced October 2023.
-
Split Learning without Local Weight Sharing to Enhance Client-side Data Privacy
Authors:
Ngoc Duy Pham,
Tran Khoa Phan,
Alsharif Abuadbba,
Yansong Gao,
Doan Nguyen,
Naveen Chilamkurti
Abstract:
Split learning (SL) aims to protect user data privacy by distributing deep models between client-server and keeping private data locally. In SL training with multiple clients, the local model weights are shared among the clients for local model update. This paper first reveals data privacy leakage exacerbated from local weight sharing among the clients in SL through model inversion attacks. Then, to reduce the data privacy leakage issue, we propose and analyze privacy-enhanced SL (P-SL) (or SL without local weight sharing). We further propose parallelized P-SL to expedite the training process by duplicating multiple server-side model instances without compromising accuracy. Finally, we explore P-SL with late participating clients and devise a server-side cache-based training method to address the forgetting phenomenon in SL when late clients join. Experimental results demonstrate that P-SL helps reduce up to 50% of client-side data leakage, which essentially achieves a better privacy-accuracy trade-off than the current trend by using differential privacy mechanisms. Moreover, P-SL and its cache-based version achieve comparable accuracy to baseline SL under various data distributions, while cost less computation and communication. Additionally, caching-based training in P-SL mitigates the negative effect of forgetting, stabilizes the learning, and enables practical and low-complexity training in a dynamic environment with late-arriving clients.
Submitted 20 July, 2023; v1 submitted 30 November, 2022;
originally announced December 2022.
-
Adversarial Models Towards Data Availability and Integrity of Distributed State Estimation for Industrial IoT-Based Smart Grid
Authors:
Haftu Tasew Reda,
Abdun Mahmood,
Adnan Anwar,
Naveen Chilamkurti
Abstract:
Security issue of distributed state estimation (DSE) is an important prospect for the rapidly growing smart grid ecosystem. Any coordinated cyberattack targeting the distributed system of state estimators can cause unrestrained estimation errors and can lead to a myriad of security risks, including failure of power system operation. This article explores the security threats of a smart grid arising from the exploitation of DSE vulnerabilities. To this aim, novel adversarial strategies based on two-stage data availability and integrity attacks are proposed towards a distributed industrial Internet of Things-based smart grid. The former's attack goal is to prevent boundary data exchange among distributed control centers, while the latter's attack goal is to inject a falsified data to cause local and global system unobservability. The proposed framework is evaluated on IEEE standard 14-bus system and benchmarked against the state-of-the-art research. Experimental results show that the proposed two-stage cyberattack results in an estimated error of approximately 34.74% compared to an error of the order of 10^-3 under normal operating conditions.
Submitted 13 June, 2022;
originally announced June 2022.
-
Binarizing Split Learning for Data Privacy Enhancement and Computation Reduction
Authors:
Ngoc Duy Pham,
Alsharif Abuadbba,
Yansong Gao,
Tran Khoa Phan,
Naveen Chilamkurti
Abstract:
Split learning (SL) enables data privacy preservation by allowing clients to collaboratively train a deep learning model with the server without sharing raw data. However, SL still has limitations such as potential data privacy leakage and high computation at clients. In this study, we propose to binarize the SL local layers for faster computation (up to 17.5 times less forward-propagation time in both training and inference phases on mobile devices) and reduced memory usage (up to 32 times less memory and bandwidth requirements). More importantly, the binarized SL (B-SL) model can reduce privacy leakage from SL smashed data with merely a small degradation in model accuracy. To further enhance the privacy preservation, we also propose two novel approaches: 1) training with additional local leak loss and 2) applying differential privacy, which could be integrated separately or concurrently into the B-SL model. Experimental results with different datasets have affirmed the advantages of the B-SL models compared with several benchmark models. The effectiveness of B-SL models against feature-space hijacking attack (FSHA) is also illustrated. Our results have demonstrated B-SL models are promising for lightweight IoT/mobile applications with high privacy-preservation requirements such as mobile healthcare applications.
Submitted 10 June, 2022;
originally announced June 2022.
-
Can the Multi-Incoming Smart Meter Compressed Streams be Re-Compressed?
Authors:
Sharif Abuadbba,
Ayman Ibaida,
Ibrahim Khalil,
Naveen Chilamkurti,
Surya Nepal,
Xinghuo Yu
Abstract:
Smart meters have currently attracted attention because of their high efficiency and throughput performance. They transmit a massive volume of continuously collected waveform readings (e.g. monitoring). Although many compression models are proposed, the unexpected size of these compressed streams required endless storage and management space which poses a unique challenge. Therefore, this paper explores the question of can the compressed smart meter readings be re-compressed? We first investigate the applicability of re-applying general compression algorithms directly on compressed streams. The results were poor due to the lack of redundancy. We further propose a novel technique to enhance the theoretical entropy and exploit that to re-compress. This is successfully achieved by using unsupervised learning as a similarity measurement to cluster the compressed streams into subgroups. The streams in every subgroup have been interleaved, followed by the first derivative to minimize the values and increase the redundancy. After that, two rotation steps have been applied to rearrange the readings in a more consecutive format before applying a developed dynamic run length. Finally, entropy coding is performed. Both mathematical and empirical experiments proved the significant improvement of the compressed streams entropy (i.e. almost reduced by half) and the resultant compression ratio (i.e. up to 50%).
Submitted 4 June, 2020;
originally announced June 2020.