Biblio

The traditional approach to distributed deep neural network (DNN) training is data-distributed learning, which partitions and distributes data to workers. This approach, although has good convergence properties, has high communication cost, which puts a strain especially on edge systems and increases delay. An emerging approach is model-distributed learning, where a training model is distributed across workers. Model-distributed learning is a promising approach to reduce communication and storage costs, which is crucial for edge systems. In this paper, we design ResPipe, a novel resilient model-distributed DNN training mechanism against delayed/failed workers. We analyze the communication cost of ResPipe and demonstrate the trade-off between resiliency and communication cost. We implement ResPipe in a real testbed consisting of Android-based smartphones, and show that it improves the convergence rate and accuracy of training for convolutional neural networks (CNNs).

Distributed training is a novel approach to accelerating training of Deep Neural Networks (DNN), but common training libraries fall short of addressing the distributed nature of heterogeneous processors or interruption by other workloads on the shared processing nodes. This paper describes distributed training of DNN on computational storage devices (CSD), which are NAND flash-based, high-capacity data storage with internal processing engines. A CSD-based distributed architecture incorporates the advantages of federated learning in terms of performance scalability, resiliency, and data privacy by eliminating the unnecessary data movement between the storage device and the host processor. The paper also describes Stannis, a DNN training framework that improves on the shortcomings of existing distributed training frameworks by dynamically tuning the training hyperparameters in heterogeneous systems to maintain the maximum overall processing speed in term of processed images per second and energy efficiency. Experimental results on image classification training benchmarks show up to 3.1x improvement in performance and 2.45x reduction in energy consumption when using Stannis plus CSD compare to the generic systems.

In recent years, the “whole chain” development level of China's intellectual property creation, protection and application has been greatly improved. At the same time, cloud computing technology is booming, and intellectual property data distributed platforms based on cloud storage are emerging one after another. Firstly, this paper introduces the domestic intellectual property cloud platform services from the perspectives of government, state-owned enterprises and private enterprises; Secondly, four typical distributed platforms provided by commercial resources are selected to summarize the problems faced by the operation mode of domestic intellectual property services; Then, it compares and discusses the functions and service modes of domestic intellectual property distributed platform, and takes TSITE IP as an example, puts forward the design and construction strategies of intellectual property protection, intellectual property operation service distributed platform and operation service mode under the background of information age. Finally, according to the development of contemporary information technology, this paper puts forward challenges and development direction for the future development of intellectual property platform.

In many distributed learning setups such as federated learning, client nodes at the edge use individually collected data to compute the local gradients and send them to a central master server, and the master aggregates the received gradients and broadcasts the aggregation to all clients with which the clients can update the global model. As straggling communication links could severely affect the performance of distributed learning system, Prakash et al. proposed to utilize helper nodes and coding strategy to achieve resiliency against straggling client-to-helpers links. In this paper, we propose two coding schemes: repetition coding (RC) and MDS coding both of which enable the clients to update the global model in the presence of only helpers but without the master. Moreover, we characterize the uplink and downlink communication loads, and prove the tightness of uplink communication load. Theoretical tradeoff between uplink and downlink communication loads is established indicating that larger uplink communication load could reduce downlink communication load. Compared to Prakash's schemes which require a master to connect with helpers though noiseless links, our scheme can even reduce the communication load in the absence of master when the number of clients and helpers is relatively large compared to the number of straggling links.

The burgeoning networked computing devices create many distributed systems and generate new signals on a large scale. Many Internet of Things (IoT) applications, such as peer-to-peer streaming of multimedia data, crowdsourcing, and measurement by sensor networks, can be modeled as a form of big data. Processing massive data calls for new data structures and algorithms different from traditional ones designed for small-scale problems. For measurement from networked distributed systems, we consider an essential data format: signals on graphs. Due to limited computing resources, the sensor nodes in the distributed systems may outsource the computing tasks to third parties, such as cloud platforms, arising a severe concern on data privacy. A de-facto solution is to have third parties only process encrypted data. We propose a novel and efficient privacy-preserving secure outsourced computation protocol for denoising signals on the graph based on the information-theoretic secure multi-party computation (ITS-MPC). Denoising the data makes paths for further meaningful data processing. From experimenting with our algorithms in a testbed, the results indicate a better efficiency of our approach than a counterpart approach with computational security.

This paper proposes a logic-based machine learning approach called Acuity which is designed to facilitate user-guided elucidation of novel phenomena from evidence sparsely distributed across large volumes of linked relational data. The work builds on systems from the field of Inductive Logic Programming (ILP) by introducing a suite of new techniques for interacting with domain experts and data sources in a way that allows complex logical reasoning to be strategically exploited on large real-world databases through intuitive hypothesis-shaping and data-caching functionality. We propose two methods for rebutting or shaping candidate hypotheses and two methods for querying or importing relevant data from multiple sources. The benefits of Acuity are illustrated in a proof-of-principle case study involving a retrospective analysis of the CryptoWall ransomware attack using data from a cyber security testbed comprising a small business network and an infected laptop.

In power networks, it is important to detect a cyber attack. In this paper, we propose a detection method of false data injection (FDI) attacks. FDI attacks cannot be detected from the estimation error in power networks. The proposed method is based on the distributed state estimation, and is used the tentative estimated state. The proposed method is demonstrated by a numerical example on the IEEE 14-bus system.

Our proposal aims to help solving a trust problem between licensors and licensees that occurs during the active life of license agreements. We particularly focus on licensing of proprietary intellectual property (IP) that is embedded in Internet of Things (IoT) devices and services (e.g. patented technologies). To achieve this we propose to encode the logic of license agreements into smart licenses (SL). We define a SL as a `digital twin' of a licensing contract, i.e. one or more smart contracts that represent the full or relevant parts of a licensing agreement in machine readable and executable code. As SL are self enforcing, the royalty computation and execution of payments can be fully automated in a tamper free and trustworthy way. This of course, requires to employ a Distributed Ledger Technology (DLT). Such an Automated Licensing Payment System (ALPS) can thus automate an established business process and solve a longstanding trust issue in licensing markets. It renders traditional costly audits obsolete, lowers entry barriers for those who want to participate in licensing markets, and enables novel business models too complex with traditional approaches.

With the rapid development of the wireless network and smart mobile equipment, many lawbreakers employ mobile devices to destroy and steal important information and property from other persons. In order to fighting the criminal act efficiently, the public security organ need to collect the evidences from the crime tools and submit to the court. In the meantime, with development of internal storage technology, the law enforcement officials collect lots of information from the smart mobile equipment, for the sake of handling the huge amounts of data, we propose a framework that combine distributed clustering methods to analyze data sets, this model will split massive data into smaller pieces and use clustering method to analyze each smaller one on disparate machines to solve the problem of large amount of data, thus forensics investigation work will be more effectively.

Smart grid architecture and Software-defined Networking (SDN) have evolved into a centrally controlled infrastructure that captures and extracts data in real-time through sensors, smart-meters, and virtual machines. These advances pose a risk and increase the vulnerabilities of these infrastructures to sophisticated cyberattacks like distributed denial of service (DDoS), false data injection attack (FDIA), and Data replay. Integrating machine learning with a network intrusion detection system (NIDS) can improve the system's accuracy and precision when detecting suspicious signatures and network anomalies. Analyzing data in real-time using trained and tested hyperparameters on a network traffic dataset applies to most network infrastructures. The NSL-KDD dataset implemented holds various classes, attack types, protocol suites like TCP, HTTP, and POP, which are critical to packet transmission on a smart grid network. In this paper, we leveraged existing machine learning (ML) algorithms, Support vector machine (SVM), K-nearest neighbor (KNN), Random Forest (RF), Naïve Bayes (NB), and Bagging; to perform a detailed performance comparison of selected classifiers. We propose a multi-level hybrid model of SVM integrated with RF for improved accuracy and precision during network filtering. The hybrid model SVM-RF returned an average accuracy of 94% in 10-fold cross-validation and 92.75%in an 80-20% split during class classification.

Information Security is a unified piece of information technology that has emerged as vibrant technology in the last two decades. To manage security, authentication assumes a significant part. Biometric is the physical unique identification as well as authentication for the third party. We have proposed the security model for preventing many attacks so we are used the innermost layer as a 3DES (Triple Encryption standard) cryptography algorithm that is providing 3- key protection as 64-bit and the outermost layer used the MD5 (Message Digest) algorithm. i. e. providing 128-bit protection as well as we is using fingerprint identification as physical security that is used in third-party remote integrity auditing. Remote data integrity auditing is proposed to ensure the uprightness of the information put away in the cloud. Data Storage of cloud services has expanded paces of acknowledgment because of their adaptability and the worry of the security and privacy levels. The large number of integrity and security issues that arise depends on the difference between the customer and the service provider in the sense of an external auditor. The remote data integrity auditing is at this point prepared to be viably executed. In the meantime, the proposed scheme is depending on identity-based cryptography, which works on the convoluted testament of the executives. The safety investigation and the exhibition assessment show that the planned property is safe and productive.

Aiming at the cyber security problem of the advanced metering infrastructure(AMI), an anomaly detection method based on edge computing framework for the AMI is proposed. Due to the characteristics of the edge node of data concentrator, the data concentrator has the capability of computing a large amount of data. In this paper, distributing the intrusion detection model on the edge node data concentrator of the AMI instead of the metering center, meanwhile, two-way communication of distributed local model parameters replaces a large amount of data transmission. The proposed method avoids the risk of privacy leakage during the communication of data in AMI, and it greatly reduces communication delay and computational time. In this paper, KDDCUP99 datasets is used to verify the effectiveness of the method. The results show that compared with Deep Convolutional Neural Network (DCNN), the detection accuracy of the proposed method reach 99.05%, and false detection rate only gets 0.74%, and the results indicts the proposed method ensures a high detection performance with less communication rounds, it also reduces computational consumption.

CP-ABE (ciphertext-policy attribute-based encryption) is a promising encryption scheme. In this paper, a highly expressive revocable scheme based on the key encryption keys (KEK) tree is proposed. In this method, the cloud server realizes the cancellation of attribute-level users and effectively reduces the computational burden of the data owner and attribute authority. This scheme embeds a unique random value associated with the user in the attribute group keys. The attribute group keys of each user are different, and it is impossible to initiate a collusion attack. Computing outsourcing makes most of the decryption work done by the cloud server, and the data user only need to perform an exponential operation; in terms of security, the security proof is completed under the standard model based on simple assumptions. Under the premise of ensuring security, the scheme in this paper has the functions of revocation and traceability, and the speed of decryption calculation is also improved.

Software-defined networking (SDN) is a new networking architecture having the concept of separation of control plane and data plane that leads the existing networks to be programmable, dynamically configurable and extremely flexible. This paradigm has huge benefits to organizations and large networks, however, its security is major issue and Distributed Denial of Service (DDoS) Attack has become a serious concern for the working of SDN. In this article, we have proposed a taxonomy of DDoS Defense Mechanisms in SDN Environment. We have categorized the various DDoS detection and mitigation techniques with respect to switch intelligence, Defense Deployment, Defense Activity and Network Flow Activities.

With the maturity of Internet of things technology, massive data transmission has become the focus of research. In order to solve the problem of low speed of traditional hybrid data fast distribution algorithm for wireless sensor networks, a hybrid data fast distribution algorithm for wireless sensor networks based on visual Internet of things is designed. The logic structure of mixed data input gate in wireless sensor network is designed through the visual Internet of things. The objective function of fast distribution of mixed data in wireless sensor network is proposed. The number of copies of data to be distributed is dynamically calculated and the message deletion strategy is determined. Then the distribution parameters are calibrated, and the fitness ranking is performed according to the distribution quantity to complete the algorithm design. The experimental results show that the distribution rate of the designed algorithm is significantly higher than that of the control group, which can solve the problem of low speed of traditional data fast distribution algorithm.

With the advance in artificial intelligence and high-dimensional data analysis, federated learning (FL) has emerged to allow distributed data providers to collaboratively learn without direct access to local sensitive data. However, limiting access to individual provider’s data inevitably incurs security issues. For instance, backdoor attacks, one of the most popular data poisoning attacks in FL, severely threaten the integrity and utility of the FL system. In particular, backdoor attacks launched by multiple collusive attackers, i.e., distributed backdoor attacks, can achieve high attack success rates and are hard to detect. Existing defensive approaches, like model inspection or model sanitization, often require to access a portion of local training data, which renders them inapplicable to the FL scenarios. Recently, the norm clipping approach is developed to effectively defend against distributed backdoor attacks in FL, which does not rely on local training data. However, we discover that adversaries can still bypass this defense scheme through robust training due to its unchanged norm clipping threshold. In this paper, we propose a novel defense scheme to resist distributed backdoor attacks in FL. Particularly, we first identify that the main reason for the failure of the norm clipping scheme is its fixed threshold in the training process, which cannot capture the dynamic nature of benign local updates during the global model’s convergence. Motivated by it, we devise a novel defense mechanism to dynamically adjust the norm clipping threshold of local updates. Moreover, we provide the convergence analysis of our defense scheme. By evaluating it on four non-IID public datasets, we observe that our defense scheme effectively can resist distributed backdoor attacks and ensure the global model’s convergence. Noticeably, our scheme reduces the attack success rates by 84.23% on average compared with existing defense schemes.

The main aim of this report is to find how data security can be improved in a cloud environment using the remote data auditing technique. The research analysis of the existing journal articles that are peer-reviewed Q1 level of articles is selected to perform the analysis.The main taxonomy that is proposed in this project is being data, auditing, monitoring, and output i.e., DAMO taxonomy that is used and includes these components. The data component would include the type of data; the auditing would ensure the algorithm that would be used at the backend and the storage would include the type of database as single or the distributed server in which the data would be stored.As a result of this research, it would help understand how the data can be ensured to have the required level of privacy and security when the third-party database vendors would be used by the organizations to maintain their data. Since most of the organizations are looking to reduce their burden of the local level of data storage and to reduce the maintenance by the outsourcing of the cloud there are still many issues that occur when there comes the time to check if the data is accurate or not and to see if the data is stored with resilience. In such a case, there is a need to use the Remote Data Auditing techniques that are quite helpful to ensure that the data which is outsourced is reliable and maintained with integrity when the information is stored in the single or the distributed servers.

Nowadays cloud computing has become the crucial part of IT and most important thing is information security in cloud environment. Range of users can access the facilities and use cloud according to their feasibility. Cloud computing is utilized as safe storage of information but still data security is the biggest concern, for example, secrecy, data accessibility, data integrity is considerable factor for cloud storage. Cloud service providers provide the facility to clients that they can store the data on cloud remotely and access whenever required. Due to this facility, it gets necessary to shield or cover information from unapproved access, hackers or any sort of alteration and malevolent conduct. It is inexpensive approach to store the valuable information and doesn't require any hardware and software to hold the data. it gives excellent work experience but main measure is just security. In this work security strategies have been proposed for cloud data protection, capable to overpower the shortcomings of conventional data protection algorithms and enhancing security using steganography algorithm, encryption decryption techniques, compression and file splitting technique. These techniques are utilized for effective results in data protection, Client can easily access our developed desktop application and share the information in an effective and secured way.

In order to solve the problem of difficult verification of query results in searchable encryption, we used the idea of Shamir-secret sharing, combined with game theory, to construct a randomly verifiable multi-cloud server searchable encryption scheme to achieve the correctness of the query results in the cloud storage environment verify. Firstly, we using the Shamir-secret sharing technology, the encrypted data is stored on each independent server to construct a multi-cloud server model to realize the secure distributed storage and efficient query of data. Secondly, combined with game theory, a game tree of query server and verification server is constructed to ensure honesty while being efficient, and solve the problem of difficulty in returning search results to verify under the multi-cloud server model. Finally, security analysis and experimental analysis show that this solution effectively protects data privacy while significantly reducing retrieval time.

Data-Centric Networking (DCN) is a research project based on Named Data Networking (NDN), which focuses on the high-performance name-based forwarder, distributed pub/sub data distribution platform, distributed network storage, in-network processing platform, and blockchain-based data trading platform. In this paper, we present a design of real-time public Internet of Things (IoT) data distribution platform which is based on a Data-Centric Networking (DCN) distributed pub/sub data distribution platform.

In order to improve the status monitoring and management ability of wireless sensor networks, a dynamic data compression method based on grid deduplication is proposed. Grid-based sensor node spatial positioning and big data fusion method are adopted to realize dynamic feature mining of wireless sensor network data, extract feature sequence points of wireless sensor network data, reconstruct wireless sensor network data feature space by adopting spatial grid node recombination, build a statistical detection model of dynamic feature mining of wireless sensor network data by combining grid area grouping compression method, and realize embedded fuzzy control and joint feature distributed adaptive learning. The association matching degree of wireless sensor network data is analyzed. Combining fuzzy subspace compression and big data fusion clustering, the quantitative regression analysis model of wireless sensor network data is established. The time series reorganization of wireless sensor network database is realized by index table name, index column and other information. Compressed sensing method is used in linear fusion subspace to realize data compression and adaptive detection of wireless sensor network. Constraint feature points of wireless sensor network data compression are constructed, and dynamic compression and clustering processing of wireless sensor network data are realized at constraint points. Simulation results show that the feature clustering of data compression in wireless sensor networks is better and the storage space of data is reduced.

In this work a data provenance system for grid-oriented applications is presented. The proposed Keyless Infrastructure Security Solution (KISS) provides mechanisms to store and maintain digital data fingerprints that can later be used to validate and assert data provenance using a time-based, hash tree mechanism. The developed solution has been designed to satisfy the stringent requirements of the modern power grid including execution time and storage necessities. Its applicability has been tested using a lab-scale, proof-of-concept deployment that secures an energy management system against the attack sequence observed on the 2016 Ukrainian power grid cyberattack. The results demonstrate a strong potential for enabling data provenance in a wide array of applications, including speed-sensitive applications such as those found in control room environments.

Nowadays , cloud -based technology has been enlarged depends on the human necessities in the world. A lot of technologies is discovered that serve the people in different ways of cloud -based security and best resource allocation. Cloud-based technology is the essential factor to the resources like hardware, software for effective resource utilization . The securing applications enabled security mechanism enables the vital role for cloud -based web security through the secured password. The violation of data by the unauthorized access of users concerns many web developers and application owners . Web security enables the cloud-based password management system that illustrates the data storage and the web passwords access through the "Cloud framework". Web security, End-to-end passwords , and all the browser -based passwords could belong to the analysis of web security . The aim is to enhance system security. Thus, sensitive data are sustained with security and privacy . In this paper , the proposed Password Management via cloud-based web security gets to attain . An efficient Double Layer Password Encryption (DLPE ) algorithm to enable the secured password management system . Text -based passwords continue to be the most popular method of online user identification . They safeguard internet accounts with important assets against harmful attempts on passwords. The security of passwords is dependent on the development of strong passwords and keeping them from being stolen by intruders . The proposed DLPE algorithm perceived the double - layer encryption system as an effective security concern. When the data user accesses the user Login , the OTP generates via mail /SMS , and the original message is encrypted using public key generation. Then the text of data gets doubly encrypted through the cloud framework . The private key is used to decipher the cipher text . If the OTP gets matched , the text is to be decrypted over the text data . When double encryption happens , the detection of data flaws, malicious attacks , application hackers gets reduced and the strong password enabled double-layer encryption attained the secured data access without any malicious attackers . The data integrity , confidentiality enabled password management . The ability to manage a distributed systems policy like the Double Layer Password encryption technique enables password verification for the data used to highly secure the data or information.

Distributed Denial of Service (DDoS) attacks pose a considerable threat to Cloud Computing, Internet of Things (IoT) and other services offered on the Internet. The victim server receives terabytes of data per second during the DDoS attack. It may take hours to examine them to detect a potential threat, leading to denial of service to legitimate users. Processing vast volumes of traffic to mitigate the attack is a challenging task for network administrators. High-performance techniques are more suited for processing DDoS attack traffic compared to Sequential Processing Techniques. This paper proposes a Multi-Core Parallel Processing Technique to prepare the time series data for the early detection of DDoS flooding attacks. Different time series analysis methods are suggested to detect the attack early on. Producing time series data using parallel processing saves time and further speeds up the detection of the attack. The proposed method is applied to the benchmark data set CICDDoS2019 for generating four different time series to detect TCP-based flooding attacks, namely TCP-SYN, TCP-SYN-ACK, TCP-ACK, and TCP-RST. The implementation results show that the proposed method can give a speedup of 2.3 times for processing attack traffic compared to sequential processing.

The popularity of cloud storage among data users is due to easy maintenance, and no initial infrastructure setup cost as compared to local storage. However, although the data users outsource their data to cloud storage (a third party) still, they concern about their physical data. To check whether the data stored in the cloud storage has been modified or not, public auditing of the data is required before its utilization. To audit over vast outsourced data, the availability of the auditor is an essential requirement as nowadays, data owners are using mobile devices. But unfortunately, a single auditor leads to a single point of failure and inefficient to preserve the security and correctness of outsourced data. So, we introduce a distributed public auditing scheme which is based on peer-to-peer (P2P) architecture. In this work, the auditors are organized using a distributed hash table (DHT) mechanism and audit the outsourced data with the help of a published hashed key of the data. The computation and communication overhead of our proposed scheme is compared with the existing schemes, and it found to be an effective solution for public auditing on outsourced data with no single point of failure.