Open Access Issue
Endogenous Security Formal Definition, Innovation Mechanisms, and Experiment Research in Industrial Internet
Tsinghua Science and Technology 2024, 29(2): 492-505
Published: 22 September 2023

With the rapid development of information technologies, the industrial Internet has become more open, and security issues have become more challenging. The endogenous security mechanism can achieve the autonomous immune mechanism without prior knowledge. However, endogenous security lacks a scientific and formal definition in the industrial Internet. Therefore, firstly, we give a formal definition of endogenous security in the industrial Internet and propose a new industrial Internet endogenous security architecture with cost analysis. Secondly, the endogenous security innovation mechanism is clearly defined. Thirdly, an improved clone selection algorithm based on federated learning is proposed. Then, we analyze the threat model of the industrial Internet identity authentication scenario, and propose a cross-domain authentication mechanism based on an endogenous key and zero-knowledge proof. We conduct identity authentication experiments based on two types of blockchains and compare their experimental results. Based on the experimental analysis, the Ethereum alliance blockchain can be used to provide the identity resolution services on the industrial Internet. The Internet of Things Application (IOTA) public blockchain can be used for data aggregation analysis of Internet of Things (IoT) edge nodes. Finally, we propose three core challenges and solutions of endogenous security in the industrial Internet and give future development directions.

Open Access Issue
Federated Learning Security and Privacy-Preserving Algorithm and Experiments Research Under Internet of Things Critical Infrastructure
Tsinghua Science and Technology 2024, 29(2): 400-414
Published: 22 September 2023

The widespread use of the Internet of Things (IoTs) and the rapid development of artificial intelligence technologies have enabled applications to cross commercial and industrial band settings. Within such systems, all participants related to commercial and industrial systems must communicate and generate data. However, due to the small storage capacities of IoT devices, they are required to store and transfer the generated data to a third-party entity called the "cloud", which creates one single point to store their data. However, as the number of participants increases, the size of generated data also increases. Therefore, such a centralized mechanism for data collection and exchange between participants is likely to face numerous challenges in terms of security, privacy, and performance. To address these challenges, Federated Learning (FL) has been proposed as a reasonable decentralizing approach, in which clients no longer need to transfer and store real data in the central server. Instead, they only share updated training models that are trained over their private datasets. At the same time, FL enables clients in distributed systems to share their machine learning models collaboratively without their training data, thus reducing data privacy and security challenges. However, slow model training and the execution of additional unnecessary communication rounds may hinder FL applications from operating properly in a distributed system. Furthermore, these unnecessary communication rounds make the system vulnerable to security and privacy issues, because irrelevant model updates are sent between clients and servers. Thus, in this work, we propose an algorithm for fully homomorphic encryption called Cheon-Kim-Kim-Song (CKKS) to encrypt model parameters for their local information privacy-preserving function. The proposed solution uses the impetus term to speed up model convergence during the model training process. Furthermore, it establishes a secure communication channel between IoT devices and the server. We also use a lightweight secure transport protocol to mitigate the communication overhead, thereby improving communication security and efficiency with low communication latency between client and server.

Open Access Issue
Security Issues and Defensive Approaches in Deep Learning Frameworks
Tsinghua Science and Technology 2021, 26(6): 894-905
Published: 09 June 2021

Deep learning frameworks promote the development of artificial intelligence and demonstrate considerable potential in numerous applications. However, the security issues of deep learning frameworks are among the main risks preventing their wide application. Attacks on deep learning frameworks by malicious internal or external attackers would exert substantial effects on society and life. We start with a description of the framework of deep learning algorithms and a detailed analysis of attacks and vulnerabilities in them. We propose a highly comprehensive classification approach for security issues and defensive approaches in deep learning frameworks and connect different attacks to corresponding defensive approaches. Moreover, we analyze a case of the physical-world use of deep learning security issues. In addition, we discuss future directions and open issues in deep learning frameworks. We hope that our research will inspire future developments and draw attention from academic and industrial domains to the security of deep learning frameworks.
