Volume 21, Issue 5, Sept.-Oct. 2024
Publisher: IEEE Computer Society Press, Washington, DC, United States
ISSN: 1545-5971
research-article
TAPFed: Threshold Secure Aggregation for Privacy-Preserving Federated Learning

Federated learning is a computing paradigm that enhances privacy by enabling multiple parties to collaboratively train a machine learning model without revealing personal data. However, current research indicates that traditional federated learning ...

research-article
On the Security of Verifiable and Oblivious Secure Aggregation for Privacy-Preserving Federated Learning

Recently, to resist privacy leakage and aggregation result forgery in federated learning (FL), Wang et al. proposed a verifiable and oblivious secure aggregation protocol for FL, called VOSA. They claimed that VOSA was aggregate unforgeable and verifiable ...

research-article
Benchmarking Joint Face Spoofing and Forgery Detection With Visual and Physiological Cues

Face anti-spoofing (FAS) and face forgery detection play vital roles in securing face biometric systems from presentation attacks (PAs) and vicious digital manipulation (e.g., deepfakes). Despite satisfactory performance upon large-scale data and powerful ...

research-article
The Perils of Wi-Fi Spoofing Attack Via Geolocation API and Its Defense

Location spoofing attack deceiving a Wi-Fi positioning system has been studied for over a decade. However, it has been challenging to construct a practical spoofing attack in urban areas with dense coverage of legitimate Wi-Fi APs. This paper identifies ...

research-article
Analyzing and Defending GhostTouch Attack Against Capacitive Touchscreens

Capacitive touchscreens have become the primary human-machine interface for personal devices such as smartphones and tablets. In this article, we present GhostTouch, the first active contactless attack against capacitive ...

research-article
Toward Enhancing Sequence-Optimized Malware Representation With Context-Separated Bi-Directional Long Short-Term Memory and Proximal Policy Optimization

Malware proliferation is a major threat to computer systems, and malware classification techniques are effective for analyzing and identifying malware. Recent intelligent malware classifiers intend to integrate natural language processing techniques for ...

research-article
Provably Secure Decisions Based on Potentially Malicious Information

There are various security-critical decisions routinely made, based on information provided by peers: routing messages, user reports, sensor data, navigational information, blockchain updates, etc. Jury theorems were proposed in sociology to make ...

research-article
SPCEX: Secure and Privacy-Preserving Cryptocurrency Exchange

The prosperity of blockchain technique has spawned numerous types of cryptocurrencies. However, a secure and privacy-preserving cryptocurrency exchange protocol that can support atomicity and unlinkability, and effectively resist various attacks is still ...

research-article
LESSON: Multi-Label Adversarial False Data Injection Attack for Deep Learning Locational Detection

Deep learning methods can not only detect false data injection attacks (FDIA) but also locate attacks of FDIA. Although adversarial false data injection attacks (AFDIA) based on deep learning vulnerabilities have been studied in the field of single-label ...

research-article
TrustGuard: GNN-Based Robust and Explainable Trust Evaluation With Dynamicity Support

Trust evaluation assesses trust relationships between entities and facilitates decision-making. Machine Learning (ML) shows great potential for trust evaluation owing to its learning capabilities. In recent years, Graph Neural Networks (GNNs), as a new ML ...

research-article
Open Access
Efficient FHE-Based Privacy-Enhanced Neural Network for Trustworthy AI-as-a-Service

AI-as-a-Service has emerged as an important trend for supporting the growth of the digital economy. Digital service providers make use of their vast amount of customer data to train AI models (such as image recognition, financial modelling and pandemic ...

research-article
A Blockchain-Based Secure Covert Communication Method via Shamir Threshold and STC Mapping

Covert communication is a crucial technology that hides information in the redundant structure of the file and transmission through public channel to achieve the secure delivery of information. The existing covert communication methods face certain ...

research-article
Sine: Similarity is Not Enough for Mitigating Local Model Poisoning Attacks in Federated Learning

Federated learning is a collaborative machine learning paradigm that brings the model to the edge for training over the participants’ local data under the orchestration of a trusted server. Though this paradigm protects data privacy, the aggregator ...

research-article
GraphCH: A Deep Framework for Assessing Cyber-Human Aspects in Insider Threat Detection

Insider threat is one of the most damaging cyber attacks that could cause the loss of intellectual property and enterprise data security breaches. Action sequence data such as host logs are used to investigate such threats and develop anomaly-based AI ...

research-article
Privacy-Preserving Anomaly Detection of Encrypted Smart Contract for Blockchain-Based Data Trading

In a blockchain-based data trading platform, data users can purchase data sets and computing power through encrypted smart contracts. The security of smart contracts is important as it relates to that of the data platform. However, due to the inability to ...

research-article
REEDS: An Efficient Revocable End-to-End Encrypted Message Distribution System for IoT

To address the confidentiality concerns of malicious adversaries that fully compromise the message broker in pub/sub based IoT systems, several researchers use proxy re-encryption (PRE) to realize end-to-end encrypted message distribution (from publisher ...

research-article
Reducing Privacy of CoinJoin Transactions: Quantitative Bitcoin Network Analysis

Privacy within the Bitcoin ecosystem has been critical for the operation and propagation of the system since its very first release. While various entities have sought to deanonymize and reveal user identities, the default semi-anonymous approach to ...

research-article
BadCleaner: Defending Backdoor Attacks in Federated Learning via Attention-Based Multi-Teacher Distillation

As a privacy-preserving distributed learning paradigm, federated learning (FL) has been proven to be vulnerable to various attacks, among which backdoor attack is one of the toughest. In this attack, malicious users attempt to embed backdoor triggers into ...

research-article
TreasureCache: Hiding Cache Evictions Against Side-Channel Attacks

Cache side-channel attacks remain a stubborn source of cross-core secret leakage. Such attacks exploit the timing difference between cache hits and misses. Most defenses thus choose to prevent cache evictions. Given that two possible types of evictions ...

research-article
Poison-Tolerant Collaborative Filtering Against Poisoning Attacks on Recommender Systems

Personalized recommendation is deemed ubiquitous. Indeed, it has been applied to several online services (e.g., E-commerce, advertising, and social media applications, to name a few). Learning unknown user preferences from user-provided data lies at the ...

research-article
Evaluating C/C++ Vulnerability Detectability of Query-Based Static Application Security Testing Tools

In recent years, query-based static application security testing (Q-SAST) tools such as CodeQL have gained popularity due to their ability to codify vulnerability knowledge into SQL-like queries and search for vulnerabilities in the ...

research-article
Efficient and Secure Federated Learning Against Backdoor Attacks

Due to the powerful representation ability and superior performance of Deep Neural Networks (DNN), Federated Learning (FL) based on DNN has attracted much attention from both academic and industrial fields. However, its transmitted plaintext data causes ...

research-article
AVPMIR: Adaptive Verifiable Privacy-Preserving Medical Image Retrieval

The increasing privacy concerns associated with cloud-assisted image retrieval have captured the attention of researchers. However, a significant number of current research endeavors encounter limitations, including suboptimal accuracy, inefficient ...

research-article
IMIH: Imperceptible Medical Image Hiding for Secure Healthcare

Medical images play a crucial role in doctors’ clinical diagnosis and treatment. However, the transmission and sharing of such private information raises security concerns. To address this issue, image hiding is used as an effective technique to ...

research-article
A Blockchain-Based Privacy-Preserving Scheme for Sealed-Bid Auction

The sealed-bid auction enables bidders to secretly send their bids to the auctioneer, which compares all bids and publishes the winning one on the bid-opening day. This type of auction is friendly for protecting the bid privacy, and sufficiently fair for ...

research-article
Solution Probing Attack Against Coin Mixing Based Privacy-Preserving Crowdsourcing Platforms

Conventional crowdsourcing platforms primarily rely on a central server as the broker for information exchange. Although many efforts have been made, centralized platforms are still vulnerable to underlying security issues, such as an untrusted central ...

research-article
Blockchain Based Auditable Access Control for Business Processes With Event Driven Policies

The use of blockchain technology has been proposed to provide auditable access control for individual resources. Unlike the case where all resources are owned by a single organization, this work focuses on distributed applications such as business ...

research-article
MQTT-I: Achieving End-to-End Data Flow Integrity in MQTT

MQTT has become the de facto standard in the IoT. Although standard MQTT lacks built-in security features, several proposals have been made to address this gap. Unfortunately, no existing proposal aims to offer end-to-end data flow integrity in the threat ...

research-article
Open Access
Improving Logic Bomb Identification in Android Apps via Context-Aware Anomaly Detection

One prominent tactic used to keep malicious behavior from being detected during dynamic test campaigns is logic bombs, where malicious operations are triggered only when specific conditions are satisfied. Defusing logic bombs remains an ...

research-article
A Semantic, Syntactic, and Context-Aware Natural Language Adversarial Example Generator

Machine learning models are vulnerable to maliciously crafted Adversarial Examples (AEs). Training a machine learning model with AEs improves its robustness and stability against adversarial attacks. It is essential to develop models that produce high-...
