Visible to the public Biblio

Filters: Author is Shi, Weidong  [Clear All Filters]
Xu, Lei, Gao, Zhimin, Fan, Xinxin, Chen, Lin, Kim, Hanyee, Suh, Taeweon, Shi, Weidong.  2020.  Blockchain Based End-to-End Tracking System for Distributed IoT Intelligence Application Security Enhancement. 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom). :1028–1035.
IoT devices provide a rich data source that is not available in the past, which is valuable for a wide range of intelligence applications, especially deep neural network (DNN) applications that are data-thirsty. An established DNN model provides useful analysis results that can improve the operation of IoT systems in turn. The progress in distributed/federated DNN training further unleashes the potential of integration of IoT and intelligence applications. When a large number of IoT devices are deployed in different physical locations, distributed training allows training modules to be deployed to multiple edge data centers that are close to the IoT devices to reduce the latency and movement of large amounts of data. In practice, these IoT devices and edge data centers are usually owned and managed by different parties, who do not fully trust each other or have conflicting interests. It is hard to coordinate them to provide end-to-end integrity protection of the DNN construction and application with classical security enhancement tools. For example, one party may share an incomplete data set with others, or contribute a modified sub DNN model to manipulate the aggregated model and affect the decision-making process. To mitigate this risk, we propose a novel blockchain based end-to-end integrity protection scheme for DNN applications integrated with an IoT system in the edge computing environment. The protection system leverages a set of cryptography primitives to build a blockchain adapted for edge computing that is scalable to handle a large number of IoT devices. The customized blockchain is integrated with a distributed/federated DNN to offer integrity and authenticity protection services.
Gao, Zhimin, Xu, Lei, Turner, Glenn, Patel, Brijesh, Diallo, Nour, Chen, Lin, Shi, Weidong.  2018.  Blockchain-based Identity Management with Mobile Device. Proceedings of the 1st Workshop on Cryptocurrencies and Blockchains for Distributed Systems. :66–70.

Blockchain is a powerful and distributed platform for transactions which require a unified, resilient, transparent and consensus-based record keeping system. It has been applied to scenarios like smart city, supply chain, medical data storing and sharing, and etc. Many works have been done on improving the performance and security of such systems. However, there is a lack of the mechanism of identity binding when a human being is involved in corresponding physical world, i.e., if one is involved in an activity, his/her identity in the real world should be correctly reflected in the blockchain system. To mitigate this gap, we propose BlockID, a novel framework for people identity management that leverages biometric authentication and trusted computing technology. We also develop a prototype to demonstrate its feasibility in practice.

Chen, Lin, Xu, Lei, Shah, Nolan, Diallo, Nour, Gao, Zhimin, Lu, Yang, Shi, Weidong.  2017.  Unraveling Blockchain Based Crypto-Currency System Supporting Oblivious Transactions: A Formalized Approach. Proceedings of the ACM Workshop on Blockchain, Cryptocurrencies and Contracts. :23–28.

User privacy is an important issue in a blockchain based transaction system. Bitcoin, being one of the most widely used blockchain based transaction system, fails to provide enough protection on users' privacy. Many subsequent studies focus on establishing a system that hides the linkage between the identities (pseudonyms) of users and the transactions they carry out in order to provide a high level of anonymity. Examples include Zerocoin, Zerocash and so on. It thus becomes an interesting question whether such new transaction systems do provide enough protection on users' privacy. In this paper, we propose a novel and effective approach for de-anonymizing these transaction systems by leveraging information in the system that is not directly related, including the number of transactions made by each identity and time stamp of sending and receiving. Combining probability studies with optimization tools, we establish a model which allows us to determine, among all possible ways of linking between transactions and identities, the one that is most likely to be true. Subsequent transaction graph analysis could then be carried out, leading to the de-anonymization of the system. To solve the model, we provide exact algorithms based on mixed integer linear programming. Our research also establishes interesting relationships between the de-anonymization problem and other problems studied in the literature of theoretical computer science, e.g., the graph matching problem and scheduling problem.