Query:
学者姓名:张建标
Refining:
Year
Type
Indexed by
Source
Complex
Co-Author
Language
Clean All
Abstract :
Federated Learning (FL), a secure and emerging distributed learning paradigm, has garnered significant interest in the Internet of Things (IoT) domain. However, it remains vulnerable to adversaries who may compromise privacy and integrity. Previous studies on privacy-preserving FL (PPFL) have demonstrated limitations in client model personalization and resistance to poisoning attacks, including Byzantine and backdoor attacks. In response, we propose a novel PPFL framework, FedRectify, that employs a personalized dual-layer approach through the deployment of Trusted Execution Environments and an interactive training strategy. This strategy facilitates the learning of personalized client features via private and shared layers. Furthermore, to improve model's robustness to poisoning attacks, we introduce a novel aggregation method that employs clustering to filter out outlier model parameters and robust regression to assess the confidence of cluster members, thereby rectifying poisoned parameters. We theoretically prove the convergence of FedRectify and empirically validate its performance through extensive experiments. The results demonstrate that FedRectify converges 1.47-2.63 times faster than state-of-the-art methods when countering Byzantine attacks. Moreover, it can rapidly reduce the attack success rate to a low level between 10% and 40% in subsequent rounds when confronting bursty backdoor attacks.
Keyword :
trusted execution environments trusted execution environments privacy-preserving privacy-preserving IoT IoT Federated learning Federated learning poisoning attack poisoning attack
Cite:
Copy from the list or Export to your reference management。
GB/T 7714 | Cao, Yihao , Zhang, Jianbiao , Zhao, Yaru et al. Privacy-Preserving Federated Learning With Improved Personalization and Poison Rectification of Client Models [J]. | IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY , 2024 , 19 : 8845-8859 . |
MLA | Cao, Yihao et al. "Privacy-Preserving Federated Learning With Improved Personalization and Poison Rectification of Client Models" . | IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY 19 (2024) : 8845-8859 . |
APA | Cao, Yihao , Zhang, Jianbiao , Zhao, Yaru , Shen, Hong , Huang, Haoxiang . Privacy-Preserving Federated Learning With Improved Personalization and Poison Rectification of Client Models . | IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY , 2024 , 19 , 8845-8859 . |
Export to | NoteExpress RIS BibTex |
Abstract :
Symmetric searchable encryption (SSE) enables users to search the ciphertext stored on the untrusted cloud without revealing the search keywords, effectively protecting users' privacy. However, most of the existing SSE schemes reveal the search or access pattern during the keyword query, which can be used by the adversary to infer the sensitive information in ciphertext, thus posing a great threat to users' privacy. To address this, we propose an SSE scheme supporting search pattern and access pattern protection in multi-cloud, called SAPM-SSE. In our scheme, an index shuffle protocol is proposed to change the content and location of the index after each query, which helps to achieve the protection of search and access pattern. Furthermore, with the purpose of improving the efficiency of shuffling, we construct a shuffling algorithm based on index cache, the number of index entries for shuffling reduced from gamma to gamma/n (n >= 1). Besides, our scheme supports the dynamic update of documents and achieves the forward security in update. Finally, security analysis and experimental results show that our scheme can achieve the protection of search pattern and access pattern with high efficiency.
Keyword :
symmetric searchable encryption symmetric searchable encryption multi-cloud multi-cloud dynamic dynamic pattern protection pattern protection
Cite:
Copy from the list or Export to your reference management。
GB/T 7714 | Xu, Wanshan , Zhang, Jianbiao , Yuan, Yilin et al. Symmetric searchable encryption with supporting search pattern and access pattern protection in multi-cloud [J]. | CONCURRENCY AND COMPUTATION-PRACTICE & EXPERIENCE , 2023 , 35 (9) . |
MLA | Xu, Wanshan et al. "Symmetric searchable encryption with supporting search pattern and access pattern protection in multi-cloud" . | CONCURRENCY AND COMPUTATION-PRACTICE & EXPERIENCE 35 . 9 (2023) . |
APA | Xu, Wanshan , Zhang, Jianbiao , Yuan, Yilin , Wang, Xiao . Symmetric searchable encryption with supporting search pattern and access pattern protection in multi-cloud . | CONCURRENCY AND COMPUTATION-PRACTICE & EXPERIENCE , 2023 , 35 (9) . |
Export to | NoteExpress RIS BibTex |
Abstract :
Almost all existing data integrity verification schemes upload outsourced files and tags set to the CSP simultaneously. Thus, in this paper, we provide a novel idea to construct the integrity verification scheme via blockchain. The construction of the proposed scheme is based on identity-based encryption (IBE) which avoids the complex certificate management caused by the public key infrastructure (PKI). Our scheme decides to upload tags set to the blockchain to achieve the separate storage of the tags set and files. The characteristics of the blockchain determine that the tags set will not be forged. But separate storage may cause the information returned by the three parties participating in the public auditing to be out of sync; thus, a small data structure-audit log is introduced to solve this problem. The advantages of audit log can not only guarantee the correct and smooth implementation of the proposed scheme, but also prove the TPA's innocence when necessary. Moreover, the security of our scheme is strictly proved. Finally, a series of performance evaluations demonstrate that our scheme is efficient and feasible.
Keyword :
Cloud security storage Cloud security storage Identity-based encryption Identity-based encryption Public auditing Public auditing Blockchain Blockchain Integrity verification Integrity verification
Cite:
Copy from the list or Export to your reference management。
GB/T 7714 | Yuan, Yilin , Zhang, Jianbiao , Xu, Wanshan et al. Identity-based public data integrity verification scheme in cloud storage system via blockchain [J]. | JOURNAL OF SUPERCOMPUTING , 2022 , 78 (6) : 8509-8530 . |
MLA | Yuan, Yilin et al. "Identity-based public data integrity verification scheme in cloud storage system via blockchain" . | JOURNAL OF SUPERCOMPUTING 78 . 6 (2022) : 8509-8530 . |
APA | Yuan, Yilin , Zhang, Jianbiao , Xu, Wanshan , Li, Zheng . Identity-based public data integrity verification scheme in cloud storage system via blockchain . | JOURNAL OF SUPERCOMPUTING , 2022 , 78 (6) , 8509-8530 . |
Export to | NoteExpress RIS BibTex |
Abstract :
As the public cloud becomes one of the leading ways in data-sharing nowadays, data confidentiality and user privacy are increasingly critical. Partially policy-hidden ciphertext policy attribute-based encryption (CP-ABE) can effectively protect data confidentiality while reducing privacy leakage by hiding part of the access structure. However, it cannot satisfy the need of data sharing in the public cloud with complex users and large amounts of data, both in terms of less expressive access structures and limited granularity of policy hiding. Moreover, the verification of access right to shared data and correctness of decryption are ignored or conducted by an untrusted third party, and the prime-order groups are seldom considered in the expressive policy-hidden schemes. This article proposes a fully policy-hidden CP-ABE scheme constructed on linear secret sharing scheme (LSSS) access structure and prime-order groups for public cloud data sharing. To help users decrypt, hidden vector encryption (HVE) with a "convert step" is applied, which is more compatible with CP-ABE. Meanwhile, decentralized credible verification of access right to shared data and correctness of decryption based on blockchain are also provided. We prove the security of our scheme rigorously and compare the scheme with others comprehensively. The results show that our scheme performs better.
Keyword :
Data privacy Data privacy Costs Costs policy-hidden ciphertext policy attribute-based encryption (CP-ABE) policy-hidden ciphertext policy attribute-based encryption (CP-ABE) Blockchains Blockchains hidden vector encryption (HVE) hidden vector encryption (HVE) Encryption Encryption privacy preserving privacy preserving Servers Servers Blockchain Blockchain linear secret sharing scheme (LSSS) linear secret sharing scheme (LSSS) Cloud computing Cloud computing Privacy Privacy
Cite:
Copy from the list or Export to your reference management。
GB/T 7714 | Zhang, Zhaoqian , Zhang, Jianbiao , Yuan, Yilin et al. An Expressive Fully Policy-Hidden Ciphertext Policy Attribute-Based Encryption Scheme With Credible Verification Based on Blockchain [J]. | IEEE INTERNET OF THINGS JOURNAL , 2022 , 9 (11) : 8681-8692 . |
MLA | Zhang, Zhaoqian et al. "An Expressive Fully Policy-Hidden Ciphertext Policy Attribute-Based Encryption Scheme With Credible Verification Based on Blockchain" . | IEEE INTERNET OF THINGS JOURNAL 9 . 11 (2022) : 8681-8692 . |
APA | Zhang, Zhaoqian , Zhang, Jianbiao , Yuan, Yilin , Li, Zheng . An Expressive Fully Policy-Hidden Ciphertext Policy Attribute-Based Encryption Scheme With Credible Verification Based on Blockchain . | IEEE INTERNET OF THINGS JOURNAL , 2022 , 9 (11) , 8681-8692 . |
Export to | NoteExpress RIS BibTex |
Abstract :
Public cloud computing has become increasingly popular due to the rapid advancements in communication and networking technology. As a result, it is widely used by businesses, corporations, and other organizations to boost the productivity. However, the result generated by millions of network-enabled IoT devices and kept on the public cloud server, as well as the latency in response and safe transmission, are important issues that IoT faces when using the public cloud computing. These concerns and obstacles can only be overcome by designing a robust mutual authentication and secure cross-verification mechanism. Therefore, we have attempted to design a cryptographic protocol based on a simple hash function, xor operations, and the exchange of random numbers. The security of the proposed protocol has formally been verified using the ROR model, ProVerif2.03, and informally using realistic discussion. In contrast, the performance metrics have been analyzed by looking into the security feature, communication, and computation costs. To sum it up, we have compared our proposed security mechanism with the state-of-the-art protocols, and we recommend it to be effectively implemented in the public cloud computing environment.
Cite:
Copy from the list or Export to your reference management。
GB/T 7714 | Khan, Naveed , Zhang, Jianbiao , Ali, Jehad et al. A Provable Secure Cross-Verification Scheme for IoT Using Public Cloud Computing [J]. | SECURITY AND COMMUNICATION NETWORKS , 2022 , 2022 . |
MLA | Khan, Naveed et al. "A Provable Secure Cross-Verification Scheme for IoT Using Public Cloud Computing" . | SECURITY AND COMMUNICATION NETWORKS 2022 (2022) . |
APA | Khan, Naveed , Zhang, Jianbiao , Ali, Jehad , Pathan, Muhammad Salman , Chaudhry, Shehzad Ashraf . A Provable Secure Cross-Verification Scheme for IoT Using Public Cloud Computing . | SECURITY AND COMMUNICATION NETWORKS , 2022 , 2022 . |
Export to | NoteExpress RIS BibTex |
Abstract :
云存储中虚拟机容器架构的远程可信运行的控制方法属于容器架构可信运行领域,其特征在于实体机借助主、客体度量值模块形成本地发明人和应用程序的度量值载入本地样本数据库,再由访问控制模块对本地客户进行主、客体身份验证,合格后再由客体在CPUS和虚拟机CPUV之间客体的地址映射表经双通道通信线路发往两个CPUV所在的中控节点以最短路径发往非特许或特许存储小区内相应节点CPUm,从容器内对应地址中取出,发回CPUS,转发本单位客户。蠕虫网形式的容器架构的两个CPUV,在非特许小区的左下角,形成中控节点,为地址起点,而特许小区的地址起点设在右上角,二者分别沿容器轴向的增址或减址,具有:系统与用户,特许与非特许小区间隔离好,网内传输快的优点。
Cite:
Copy from the list or Export to your reference management。
GB/T 7714 | 张建标 , 王艳 , 韩现群 et al. 云存储中虚拟机容器架构的远程可信运行的控制方法 : CN202210086193.1[P]. | 2022-01-25 . |
MLA | 张建标 et al. "云存储中虚拟机容器架构的远程可信运行的控制方法" : CN202210086193.1. | 2022-01-25 . |
APA | 张建标 , 王艳 , 韩现群 , 公备 . 云存储中虚拟机容器架构的远程可信运行的控制方法 : CN202210086193.1. | 2022-01-25 . |
Export to | NoteExpress RIS BibTex |
Abstract :
无线传感器网络的故障发现和快速报警的方法属于无线传感器网络运行领域,其特征在于,是一个由中控节点和所有无线传感器共同组成的中心辐射网以及一个由各存储服务器彼此通过光缆连成的蠕虫网经各无线传感器上下串接而成的组合网中实现的。空闲时,中央控制器发出一组启动脉冲分别经各探头上的输入信号增强器去启动各无线传感器,中控节点便以是否收到应答信号来一次性地发现网络中所有的故障节点;正常运行时,任何两个相邻节点不仅以最快速度在最短路径下传递信息并通过蠕虫网或/和中心辐射网发向中控节点或其它节点,还能在传递时主动呼叫下一节点来发现故障节点,从而实现全过程检测。
Cite:
Copy from the list or Export to your reference management。
GB/T 7714 | 张建标 , 李跃华 , 崔玲 et al. 一种无线传感器网络的故障发现和快速报警的方法 : CN202210020586.2[P]. | 2022-01-10 . |
MLA | 张建标 et al. "一种无线传感器网络的故障发现和快速报警的方法" : CN202210020586.2. | 2022-01-10 . |
APA | 张建标 , 李跃华 , 崔玲 , 公备 . 一种无线传感器网络的故障发现和快速报警的方法 : CN202210020586.2. | 2022-01-10 . |
Export to | NoteExpress RIS BibTex |
Abstract :
Everyone desires to avail online services provided by different service providers securely, efficiently, and effectively. In this regard, security is still a significant concern for them. However, no one guarantees secure communication by browsing different applications remotely. To ensure confidentiality, authorization, availability, nonrepudiation, and removing eavesdropping, without a robust authentication scheme, nothing will go right. Therefore, we attempted to design a robust and privacy-preserving authentication scheme for end-users to securely access public cloud servers' services remotely without losing performance. Our proposed scheme security has been evaluated formally using the random oracle model (ROM) and ProVerif2.03 and informally using proposition and discussion. At the same time, the performance metric has been analyzed by considering the scheme's computation and communication costs. Upon comparing the proposed scenario with state-of-the-artwork, it has been demonstrated that the scheme is much better in terms of security and performance, as these are contradicting metrics, and the change in one conversely affects the other.
Cite:
Copy from the list or Export to your reference management。
GB/T 7714 | Khan, Naveed , Zhang, Jianbiao , Jan, Saeed Ullah . A Robust and Privacy-Preserving Anonymous User Authentication Scheme for Public Cloud Server [J]. | SECURITY AND COMMUNICATION NETWORKS , 2022 , 2022 . |
MLA | Khan, Naveed et al. "A Robust and Privacy-Preserving Anonymous User Authentication Scheme for Public Cloud Server" . | SECURITY AND COMMUNICATION NETWORKS 2022 (2022) . |
APA | Khan, Naveed , Zhang, Jianbiao , Jan, Saeed Ullah . A Robust and Privacy-Preserving Anonymous User Authentication Scheme for Public Cloud Server . | SECURITY AND COMMUNICATION NETWORKS , 2022 , 2022 . |
Export to | NoteExpress RIS BibTex |
Abstract :
The flow of data across nodes has become the dominant feature of data sharing in distributed environments with increasingly blurred boundaries, where it is crucial to maintain data access dynamic, trusted, and efficient. However, traditional centralized access control models are not only difficult to apply in distributed environments but also ignore trusted verification of authorized entities. What's worse, existing access control models rarely consider themselves security, lack independence, at a high risk of being bypassed or tampered with. Thus, we propose in this paper a distributed, dynamic, and trusted access control model, DDTAC-BSS, where the standard Attribute-Based Access Control (ABAC) architecture is modified and extended. To reduce the attack surface, we separate policy enforcement point (PEP) from other core components, they are located in the node system and access control system, respectively. Then, the access control entry point (ACEP) is added as the only interface for the node system to interact with the access control system. Subsequently, the model introduces the entity trusted assessment mechanism to improve the trustworthiness of access control services. Driven by the dynamic attributes, our model can achieve dynamic trusted authorization and fine-grained access control. Moreover, we implement a lightweight, independent, and distributed security subsystem to achieve unified management of policies and decision-making autonomy by message-driven. By considering the independence of the security subsystem, a trusted operating environment is built based on Trusted Execution Environment (TEE) to ensure the security of the access control mechanism itself. The security of our model is proved rigorously based on the non-interference theory. Comprehensive experiments and comparisons have demonstrated the superior functionality, comparable performance, and strong security of our model.
Keyword :
Data models Data models non-interference non-interference decision-making autonomy decision-making autonomy Distributed databases Distributed databases Cross node access control Cross node access control Standards Standards trusted assessment trusted assessment Trusted computing Trusted computing Dynamic scheduling Dynamic scheduling Security Security independent independent Authorization Authorization
Cite:
Copy from the list or Export to your reference management。
GB/T 7714 | Huang, Haoxiang , Zhang, Jianbiao , Hu, Jun et al. Research on Distributed Dynamic Trusted Access Control Based on Security Subsystem [J]. | IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY , 2022 , 17 : 3306-3320 . |
MLA | Huang, Haoxiang et al. "Research on Distributed Dynamic Trusted Access Control Based on Security Subsystem" . | IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY 17 (2022) : 3306-3320 . |
APA | Huang, Haoxiang , Zhang, Jianbiao , Hu, Jun , Fu, Yingfang , Qin, Chenggang . Research on Distributed Dynamic Trusted Access Control Based on Security Subsystem . | IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY , 2022 , 17 , 3306-3320 . |
Export to | NoteExpress RIS BibTex |
Abstract :
Security of sensing network is the core of the security of the Internet of Things (IoT). The available researches cannot guarantee to prevent attacks from malicious nodes. We propose a trusted measurement scheme of behaviors for IoT. First, we construct a formal model for the behaviors of sensing nodes and of the whole sensing network, and proposed a framework of a trusted measurement of behaviors, which contains both direct and indirect trusted measurements. Afterward, we verify the efficacy of the proposed methods. Experiments suggest that the proposed trusted measurement scheme provides efficient anti-attack performance. © 2020 THE AUTHORS
Keyword :
Internet of things Internet of things Trusted computing Trusted computing
Cite:
Copy from the list or Export to your reference management。
GB/T 7714 | Ye, Tao , Ning, Zhenhu , Zhang, Jianbiao et al. Trusted measurement of behaviors for the Internet of Things [J]. | Alexandria Engineering Journal , 2021 , 60 (1) : 1477-1488 . |
MLA | Ye, Tao et al. "Trusted measurement of behaviors for the Internet of Things" . | Alexandria Engineering Journal 60 . 1 (2021) : 1477-1488 . |
APA | Ye, Tao , Ning, Zhenhu , Zhang, Jianbiao , Xu, Meng . Trusted measurement of behaviors for the Internet of Things . | Alexandria Engineering Journal , 2021 , 60 (1) , 1477-1488 . |
Export to | NoteExpress RIS BibTex |
Export
Results: |
Selected to |
Format: |