Geguang Pu

Bio: Geguang Pu is an academic researcher from East China Normal University. The author has contributed to research in topics: Vehicular ad hoc network & Edge device. The author has an hindex of 2, co-authored 2 publications receiving 23 citations.

Blockchain and Federated Learning for Collaborative Intrusion Detection in Vehicular Edge Computing

Abstract: The vehicular networks constructed by interconnected vehicles and transportation infrastructure are vulnerable to cyber-intrusions due to the expanded use of software and the introduction of wireless interfaces. Intrusion detection systems (IDSs) can be customized efficiently in response to this increased attack surface. There has been significant progress in detecting malicious attack traffic using machine learning approaches. However, existing IDSs require network devices with powerful computing capabilities to continuously train and update complex network models, which reduces the efficiency and defense capability of intrusion detection systems due to limited resources and untimely model updates. This work proposes a cooperative intrusion detection mechanism that offloads the training model to distributed edge devices (e.g., connected vehicles and roadside units (RSUs). Distributed federated-based approach reduces resource utilization of the central server while assuring security and privacy. To ensure the security of the aggregation model, blockchain is used for the storage and sharing of the training models. This work analyzes common attacks and shows that the proposed scheme achieves cooperative privacy-preservation for vehicles while reducing communication overhead and computation cost.

Blockchain Empowered Cooperative Authentication With Data Traceability in Vehicular Edge Computing

Abstract: The dynamic environment due to traffic mobility and wireless communication from/to vehicles make identity authentication and trust management for privacy preservation based on vehicular edge computing (VEC) an increasingly important problem in vehicular networks. However, existing authentication schemes mainly focus on communication between a single trusted edge computing node and multiple vehicles. This framework may suffer the bottleneck problem due to the single edge computing node, and the performance depends heavily on its resources. In this paper, a blockchain empowered group-authentication scheme is proposed for vehicles with decentralized identification based on secret sharing and dynamic proxy mechanism. Sub-authentication results are aggregated for trust management based blockchain to implement collaborative authentication. The edge computing node with a higher-reputation stored in the tamper-proof blockchain can upload the final aggregated authentication result to the central server to achieve the decentralized authentication. This work analyzes typical attacks for this scheme and shows that the proposed scheme achieves cooperative privacy preservation for vehicles while also reducing communication overhead and computation cost.

Convergence of Blockchain and Edge Computing for Secure and Scalable IIoT Critical Infrastructures in Industry 4.0

Abstract: Critical infrastructure systems are vital to underpin the functioning of a society and economy. Due to the ever-increasing number of Internet-connected Internet-of-Things (IoT)/Industrial IoT (IIoT), and the high volume of data generated and collected, security and scalability are becoming burning concerns for critical infrastructures in industry 4.0. The blockchain technology is essentially a distributed and secure ledger that records all the transactions into a hierarchically expanding chain of blocks. Edge computing brings the cloud capabilities closer to the computation tasks. The convergence of blockchain and edge computing paradigms can overcome the existing security and scalability issues. In this article, we first introduce the IoT/IIoT critical infrastructure in industry 4.0, and then we briefly present the blockchain and edge computing paradigms. After that, we show how the convergence of these two paradigms can enable secure and scalable critical infrastructures. Then, we provide a survey on the state of the art for security and privacy and scalability of IoT/IIoT critical infrastructures. A list of potential research challenges and open issues in this area is also provided, which can be used as useful resources to guide future research.

A Survey on Security and Privacy Issues in Edge-Computing-Assisted Internet of Things

Abstract: Internet of Things (IoT) is an innovative paradigm envisioned to provide massive applications that are now part of our daily lives. Millions of smart devices are deployed within complex networks to provide vibrant functionalities, including communications, monitoring, and controlling of critical infrastructures. However, this massive growth of IoT devices and the corresponding huge data traffic generated at the edge of the network created additional burdens on the state-of-the-art centralized cloud computing paradigm due to the bandwidth and resource scarcity. Hence, edge computing (EC) is emerging as an innovative strategy that brings data processing and storage near to the end users, leading to what is called the EC-assisted IoT. Although this paradigm provides unique features and enhanced Quality of Service (QoS), it also introduces huge risks in data security and privacy aspects. This article conducts a comprehensive survey on security and privacy issues in the context of EC-assisted IoT. In particular, we first present an overview of EC-assisted IoT, including definitions, applications, architecture, advantages, and challenges. Second, we define security and privacy in the context of EC-assisted IoT. Then, we extensively discuss the major classifications of attacks in EC-assisted IoT and provide possible solutions and countermeasures along with the related research efforts. After that, we further classify some security and privacy issues as discussed in the literature based on security services and based on security objectives and functions. Finally, several open challenges and future research directions for secure EC-assisted IoT paradigm are also extensively provided.

Federated Deep Learning for Zero-Day Botnet Attack Detection in IoT Edge Devices

Abstract: Deep Learning (DL) has been widely proposed for botnet attack detection in Internet of Things (IoT) networks. However, the traditional Centralized DL (CDL) method cannot be used to detect previously unknown (zero-day) botnet attack without breaching the data privacy rights of the users. In this paper, we propose Federated Deep Learning (FDL) method for zero-day botnet attack detection to avoid data privacy leakage in IoT edge devices. In this method, an optimal Deep Neural Network (DNN) architecture is employed for network traffic classification. A model parameter server remotely coordinates the independent training of the DNN models in multiple IoT edge devices, while Federated Averaging (FedAvg) algorithm is used to aggregate local model updates. A global DNN model is produced after a number of communication rounds between the model parameter server and the IoT edge devices. Zero-day botnet attack scenarios in IoT edge devices is simulated with the Bot-IoT and N-BaIoT data sets. Experiment results show that FDL model: (a) detects zero-day botnet attacks with high classification performance; (b) guarantees data privacy and security; (c) has low communication overhead (d) requires low memory space for the storage of training data; and (e) has low network latency. Therefore, FDL method outperformed CDL, Localized DL, and Distributed DL methods in this application scenario.

Behavioral Biometrics for Continuous Authentication in the Internet-of-Things Era: An Artificial Intelligence Perspective

Abstract: In the Internet-of-Things (IoT) era, user authentication is essential to ensure the security of connected devices and the customization of passive services However, conventional knowledge-based and physiological biometric-based authentication systems (eg, password, face recognition, and fingerprints) are susceptible to shoulder surfing attacks, smudge attacks, and heat attacks The powerful sensing capabilities of IoT devices, including smartphones, wearables, robots, and autonomous vehicles enable continuous authentication (CA) based on behavioral biometrics The artificial intelligence (AI) approaches hold significant promise in sifting through large volumes of heterogeneous biometrics data to offer unprecedented user authentication and user identification capabilities In this survey article, we outline the nature of CA in IoT applications, highlight the key behavioral signals, and summarize the extant solutions from an AI perspective Based on our systematic and comprehensive analysis, we discuss the challenges and promising future directions to guide the next generation of AI-based CA research