Xiao Zheng,Mingchu Li,Syed Bilal Hussain Shah,Dinh-Thuan Do,Yuanfang Chen,Constandinos X. Mavromoustakis,George Mastorakis,Evangelos Pallis

DOI: https://doi.org/10.1145/3458931

IF: 5.3

2022-01-01

ACM Transactions on Internet Technology

Abstract:The implementation of a variety of complex and energy-intensive mobile applications by resource-limited mobile devices (MDs) is a huge challenge. Fortunately, mobile edge computing (MEC) as a new computing paragon can offer rich resources to perform all or part of the MD’s task, which greatly reduces the energy consumption of the MD and improves the quality of service (QoS) for applications. However, offloading tasks to the edge server is vulnerable to attacks such as tampering and snooping, resulting in a deep learning (DL) security feature developed by major cloud service providers. An effective security strategy method to minimize ongoing attacks in the MEC setting is proposed. The algorithm is based on the synthetic principle of a special set of strategies, and it can quickly construct suboptimal solutions even if the number of targets achieves hundreds of millions. In addition, for a given structure and a given number of patrollers, the upper bound of the protection level can be obtained, and the lower bound required for a given protection level can also be inferred. These bounds apply to universal strategies. By comparing with the previous three basic experiments, it can be proved that our algorithm is better than the previous ones in terms of security and running time.

Lunyuan Chen,Shunpu Tang,Venki Balasubramanian,Junjuan Xia,Fasheng Zhou,Lisheng Fan

DOI: https://doi.org/10.1016/j.comcom.2022.07.037

IF: 5.047

2022-10-01

Computer Communications

Abstract:This paper studies a secure mobile edge computing (MEC) for emerging cyber physical systems (CPS), where there exist K eavesdroppers in the network, which can threaten the task offloading. These K eavesdroppers can work either in a colluding mode where they cooperate to decode the secret message, or in a non-colluding mode where the eavesdroppers decode the message individually. For both eavesdropping nodes, we design the secure MEC system by devising a computation offloading ratio, transmit power and computational capability allocation to optimize the system performance mainly measured by the latency. In particular, a novel deep reinforcement learning (DRL) together with convex optimization (DRCO) is proposed, where the DRL is used to find a proper solution to the offloading ratio, while the convex optimization is implemented to solve the allocation of transmission power and computational capability. Simulation results show that the proposed DRCO method is superior to other conventional methods, and can provide a guaranteed secrecy and latency.

computer science, information systems,telecommunications,engineering, electrical & electronic

Peihe Yan,Shanshan Tu,Mao Wang

DOI: https://doi.org/10.1145/3638782.3638811

2024-01-01

Abstract:Authentication is the first line of defense in communication security. Physical layer authentication (PLA) based on Channel Impulse Response (CIR) offers a lightweight approach. Unlike traditional cryptographic-based authentication, physical layer authentication identifies data packets through wireless CIRs. This avoids the compatibility requirements of upper-layer protocols and presents advantages such as flexibility in authentication methods and suitability for massive heterogeneous terminal access. However, current physical layer authentication often requires illegal CIR samples, which are hard to obtain. Furthermore, training for deep learning-based physical layer authentication requires numerous samples, and the low latency characteristics of Mobile Edge Computing (MEC) means it might not have ample time to gather sufficient signals, reducing authentication performance. This paper presents a physical layer authentication scheme based on deep learning, mapping CIRs to device locations, and further mapping to their authentication, achieving multi-user physical layer authentication. In the absence of illegal device CIR samples, it discriminates against illegal devices and classifies legal devices. Moreover, a data augmentation technique using noise injection is employed to enhance the performance of the multi-user physical layer authentication scheme, speeding up the training process. Extensive experiments on public datasets confirm the efficacy of our approach.

Yuanfang Chen,Yan Zhang,Sabita Maharjan

DOI: https://doi.org/10.48550/arXiv.1709.08025

2017-09-23

Abstract:Mobile edge computing (MEC) is a promising approach for enabling cloud-computing capabilities at the edge of cellular networks. Nonetheless, security is becoming an increasingly important issue in MEC-based applications. In this paper, we propose a deep-learning-based model to detect security threats. The model uses unsupervised learning to automate the detection process, and uses location information as an important feature to improve the performance of detection. Our proposed model can be used to detect malicious applications at the edge of a cellular network, which is a serious security threat. Extensive experiments are carried out with 10 different datasets, the results of which illustrate that our deep-learning-based model achieves an average gain of 6% accuracy compared with state-of-the-art machine learning algorithms.

Cryptography and Security,Machine Learning,Networking and Internet Architecture

Run-Fa Liao,Hong Wen,Songlin Chen,Feiyi Xie,Fei Pan,Jie Tang,Huanhuan Song

DOI: https://doi.org/10.1109/jiot.2019.2960099

IF: 10.6

2019-01-01

IEEE Internet of Things Journal

Abstract:Unlike most of the upper layer authentication mechanisms, the physical (PHY) layer authentication takes advantages of channel impulse response from wireless propagation to identify transmitted packages with low-resource consumption, and machine learning methods are effective ways to improve its implementation. However, the training of the machine-learning-based PHY-layer authentication requires a large number of training samples, which makes the training process time consuming and computationally resource intensive. In this article, we propose a data augmented multiuser PHY-layer authentication scheme to enhance the security of mobile-edge computing system, an emergent architecture in the Internet of Things (IoT). Three data augmentation algorithms are proposed to speed up the establishment of the authentication model and improve the authentication success rate. By combining the deep neural network with data augmentation methods, the performance of the proposed multiuser PHY-layer authentication scheme is improved and the training speed is accelerated, even with fewer training samples. Extensive simulations are conducted under the real industry IoT environment and the figures illustrate the effectiveness of our approach.

Yichao Chen,Cheng Zeng,Xin Zhou,Liang Huang,Shibo He

DOI: https://doi.org/10.1109/iccc62479.2024.10681994

2024-01-01

Abstract:Mobile edge computing (MEC) is gaining popularity, as it can improve mobile application performance by offloading local computation to edge servers. However, due to the openness of wireless communication, the confidentiality of MEC data transmission, especially the uploading, is endangered by eavesdropping attacks, whose risks have not been thoroughly depicted, evaluated and managed in the literature. In this paper, we investigate the application of friendly jamming (FJ) from base station (BS) and a nearby user to improve physical layer security (PLS) for MEC services. Further, we propose an adjustable multilevel assessment framework for user to evaluate confidentiality risks, and model the impact of its subjective biases under uncertainty based on Prospect Theory (PT). Then, we formulate an operator’s net income maximization problem by jointly considering effective data rate, user satisfaction, antenna usage, upload/FJ power consumption and FJ incentive cost. To solve the highly complex problem, we propose a two-stage control scheme, which first optimizes the secrecy capacity and then maximizes the effective data rate that achieves user satisfaction. By simulation, we evaluate the secrecy performance of the scheme under various conditions, and compare it with the one based on expected utility theory (EUT).

Run-Fa Liao,Hong Wen,Jinsong Wu,Fei Pan,Aidong Xu,Yixin Jiang,Feiyi Xie,Minggui Cao

DOI: https://doi.org/10.3390/s19112440

IF: 3.9

2019-01-01

Sensors

Abstract:In this paper, a deep learning (DL)-based physical (PHY) layer authentication framework is proposed to enhance the security of industrial wireless sensor networks (IWSNs). Three algorithms, the deep neural network (DNN)-based sensor nodes' authentication method, the convolutional neural network (CNN)-based sensor nodes' authentication method, and the convolution preprocessing neural network (CPNN)-based sensor nodes' authentication method, have been adopted to implement the PHY-layer authentication in IWSNs. Among them, the improved CPNN-based algorithm requires few computing resources and has extremely low latency, which enable a lightweight multi-node PHY-layer authentication. The adaptive moment estimation (Adam) accelerated gradient algorithm and minibatch skill are used to accelerate the training of the neural networks. Simulations are performed to evaluate the performance of each algorithm and a brief analysis of the application scenarios for each algorithm is discussed. Moreover, the experiments have been performed with universal software radio peripherals (USRPs) to evaluate the authentication performance of the proposed algorithms. Due to the trainings being performed on the edge sides, the proposed method can implement a lightweight authentication for the sensor nodes under the edge computing (EC) system in IWSNs.

Yijia Guo,Junqing Zhang,Y. -W. Peter Hong

DOI: https://doi.org/10.1109/globecom54140.2023.10437299

2023-01-01

Abstract:The Internet of Things (IoT) is ubiquitous thanks to the rapid development of wireless technology. However, the broadcast nature of wireless transmission results in great challenges to the security authentication for large-scale IoT. In this paper, we propose a novel physical layer authentication approach for mobile scenarios employing deep learning and channel state information (CSI). Specifically, the convolution neural network (CNN) is designed to learn the temporal and spatial similarity between CSIs and output a score to measure the difference between the input CSIs. Device authentication is achieved by comparing the score to an empirically obtained threshold. We build a WiFi-based testbed and carry out a comprehensive experimental evaluation. The performance of using the CSI magnitude and real & imaginary parts is compared. The effect of the distance between legitimate and rogue devices on authentication performance is studied. The generalization performance of the CNN model in different test scenarios is also evaluated. Experiment results demonstrate the effectiveness of the proposed CNN-based authentication over conventional correlation-based authentication schemes.

Lianhong Zhang,Shiwei Lai,Junjuan Xia,Chongzhi Gao,Dahua Fan,Jianghong Ou

DOI: https://doi.org/10.1016/j.phycom.2022.101896

IF: 2.379

2022-12-01

Physical Communication

Abstract:In this paper, we investigate an intelligent reflecting surface (IRS)-assisted mobile edge computing (MEC) network under physical-layer security, where users can partially offload confidential and compute-intensive tasks to a computing access point (CAP) with the help of the IRS. We consider an eavesdropping environment, where an eavesdropper steals information from the communication. For the considered MEC network, we firstly design a secure data transmission rate to ensure physical-layer security. Moreover, we formulate the optimization target as minimizing the system cost linearized by the latency and energy consumption (ENCP). In further, we employ a deep deterministic policy gradient (DDPG) to optimize the system performance by allocating the offloading ratio and wireless bandwidth and computational capability to users. Finally, considering the impacts from different resources, based on DDPG, seeing our optimization strategy as one criterion, we designed other criteria with different resource allocation schemes. And some simulation results are given to demonstrate that our proposed criterion outperforms other criteria.

telecommunications,engineering, electrical & electronic

Yichao Chen,Kai Zhao,Heng Zhang,Shibo He

DOI: https://doi.org/10.1109/jiot.2023.3272113

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:Mobile edge computing (MEC) is becoming popular in many civilian applications. However, due to the broadcast nature of wireless connections, traditional MEC is open to eavesdropping attacks that endanger mobile users’ information confidentiality. Friendly jamming (FJ), as one of the physical layer security techniques, can efficiently protect users from such threats by degrading attackers’ wiretap channel capacities. In this paper, we propose an FJ-based physical layer security (PLS) mechanism to safeguard the confidentiality of data uploading in MEC services. We design a comprehensive security scheme that uses FJ from both base station (BS) and nearby mobile users to cover upload transmission. Accordingly, the eavesdropping risk zone (ERZ) is formulated as an area under high secrecy outage probability (SOP). To promote FJ from users, we further introduce Device-to-device (D2D) communication-based FJ, which is inspired by non-orthogonal multiple access (NOMA) techniques. Then, we formulate, simplify, and solve the problem by optimizing the MEC secrecy performance under the required risk, with efficiencies in data uploading, energy consumption, and incentive delivery. Furthermore, we tackle the challenge of efficient incentive design under information asymmetry by introducing Contract Theory and providing differentiated rewards. By simulations, we evaluate the mechanism in terms of secrecy performance and incentive efficiency under information asymmetry, and the results accordingly show the effectiveness of the proposed security mechanism.

computer science, information systems,telecommunications,engineering, electrical & electronic

Kai Fang,Yuxuan Ouyang,Beixiong Zheng,Lei Huang,Gang Wang,Zhen Chen

DOI: https://doi.org/10.1109/tcomm.2024.3476139

IF: 6.166

2024-01-01

IEEE Transactions on Communications

Abstract:Mobile edge computing (MEC) has emerged as a cutting-edge technique that brings computation and storage resources closer to the edge of the mobile network. However, MEC is vulnerable to be attacked by malicious users. To improve the security of computation tasks and enhance user connectivity, we design a deep reinforcement learning (DRL) network for reconfigurable intelligence surface (RIS)-aided MEC system. Specifically, we jointly optimize the phase shifts at the RIS, tasks offloaded by users and task assignment to maximize the secrecy offloading capacity and minimize energy consumption under different delay requirements of users. Furthermore, a multi-agent twin delayed deep deterministic policy gradient (TD3)-based algorithm is exploited to tackle the non-convex optimization problem. Numerical results validate the feasibility and applicability of our proposed scheme, demonstrating that the proposed scheme significantly improves the security and energy performance of the system compared to the baseline DRL algorithm.

Yuan Xu,Yanwei Zhou,Bo Yang,Zirui Qiao,Zhaolong Wang,Zhe Xia,Mingwu Zhang

DOI: https://doi.org/10.1109/jsyst.2022.3185258

IF: 4.802

2023-01-01

IEEE Systems Journal

Abstract:As a novel communication architecture, mobile edge computing (MEC) not only satisfies customers’ needs in real-time data processing and analysis, but also alleviates the inherent limitations in cloud computing. However, the MEC inherits some security and privacy challenges from cloud computing, most of the existing security solutions in the literature cannot meet the requirements of increasing user experience. To further address the aforementioned issues, in this article, an efficient identity authenticated protocol with provable security and anonymity is created for the MEC. The proposed protocol ensures that users remain anonymous during communication, and its security can be rigorously proved based on the classic complexity assumptions in the random oracle model. The experiment results demonstrate that our scheme enjoys relatively fewer overheads in computation costs. Therefore, our protocol is more suitable for efficient application requirement of identity authentication in the MEC.

Xiaozhen Lu,Liang Xiao,Tangwei Xu,Yifeng Zhao,Yuliang Tang,Weihua Zhuang

DOI: https://doi.org/10.1109/tvt.2020.2967026

IF: 6.8

2020-01-01

IEEE Transactions on Vehicular Technology

Abstract:Mobile edge computing in vehicular ad hoc networks (VANETs) suffers from rogue edge attacks due to the vehicle mobility and the network scale. In this paper, we present a physical authentication scheme to resist rogue edge attackers whose goal is to send spoofing signals to attack VANETs. This authentication scheme exploits the channel states of the shared ambient radio signals of the mobile device and its serving edge such as the onboard unit during the same moving trace and applies reinforcement learning to select the authentication modes and parameters. By applying transfer learning to save the learning time and applies deep learning to further improve the authentication performance, this scheme enables mobile devices in VANETs to optimize their authentication modes and parameters without being aware of the VANET channel model, the packet generation model, and the spoofing model. We provide the convergence bound such as the mobile device utility, evaluate the computational complexity of the physical authentication scheme, and verify the analysis results via simulations. Simulation and experimental results show that this scheme improves the authentication accuracy with reduced energy consumption against rogue edge attacks.

Xiaoying Jia,Min Luo,Kim-Kwang Raymond Choo,Li,Debiao He

DOI: https://doi.org/10.1109/jsyst.2019.2896064

IF: 4.802

2019-01-01

IEEE Systems Journal

Abstract:Mobile edge computing (MEC) allows one to overcome a number of limitations inherent in cloud computing, although achieving the broad range of security requirements in MEC settings remains challenging. In this paper, we focus on achieving mutual authentication with anonymity and untraceability, as this is crucial in ensuring data security and user privacy. Specifically, we design an identity-based anonymous authenticated key agreement protocol for the MEC environment. The proposed protocol achieves mutual authentication in only a single message exchange round, as well as assures both user anonymity and un-traceability. We then evaluate the security and performance of the protocol, and demonstrate that it achieves the required security properties and outperforms prior approaches in terms of communicational and computational costs.

Songlin Chen,Hong Wen,Jinsong Wu,Jie Chen,Wenjie Lin,Lin Hu,Yi Chen

DOI: https://doi.org/10.1155/2018/6039878

2018-01-01

Wireless Communications and Mobile Computing

Abstract:By utilizing the radio channel information to detect spoofing attacks, channel based physical layer (PHY-layer) enhanced authentication can be exploited in light-weight securing 5G wireless communications. One major obstacle in the application of the PHY-layer authentication is its detection rate. In this paper, a novel authentication method is developed to detect spoofing attacks without a special test threshold while a trained model is used to determine whether the user is legal or illegal. Unlike the threshold test PHY-layer authentication method, the proposed AdaBoost based PHY-layer authentication algorithm increases the authentication rate with one-dimensional test statistic feature. In addition, a two-dimensional test statistic features authentication model is presented for further improvement of detection rate. To evaluate the feasibility of our algorithm, we implement the PHY-layer spoofing detectors in multiple-input multiple-output (MIMO) system over universal software radio peripherals (USRP). Extensive experiences show that the proposed methods yield the high performance without compromising the computing complexity.

Ruizhong Du,Lin Zhen

DOI: https://doi.org/10.1016/j.cose.2021.102559

2022-02-01

Abstract:Wireless system in industrial scene plays an important role in the process of automation. This kind of system urgently needs low complexity, lightweight, high security authentication mechanism. The emergence of physical layer authentication meets these requirements. However, the existing authentication mechanism based on binary hypothesis testing can only perform ideally under fixed conditions, and cannot distinguish multiple users; The authentication mechanism based on deep neural network (DNN) algorithm has limitations in small sample learning and parameter setting. In order to further improve the accuracy of authentication in dynamic industrial scenarios, a new multiuser physical layer authentication scheme is proposed. The mechanism uses machine learning algorithm based on autonomous parameter optimization to replace the traditional decision making method based on user-defined threshold, and is suitable for small sample learning. This paper takes the channel matrix estimated by the mobile node as the authentication input, obtains different channel matrix dimensions through down sampling, and finds out the optimal channel matrix dimension through experiments, so as to reduce the running time and improve the authentication accuracy. A large number of simulations are carried out using the public dynamic industrial scene data set. Compared with the existing authentication schemes, the proposed authentication scheme further improves the accuracy of multiuser authentication in dynamic industrial scenarios.

computer science, information systems

Xuguo Wang,Ligeng Chen,Yu Liang,Hao Huang

DOI: https://doi.org/10.1142/S0218194023500390

IF: 1.007

2023-01-01

International Journal of Software Engineering and Knowledge Engineering

Abstract:To address the emerging security challenges in Multi-Access Edge Computing (MEC), it is imperative that solutions go beyond the current infrastructure-centric measures. These methods, including authentication and access control, are insufficient to combat malware that conceals itself within ME applications. The acknowledged flaws in the ME application layer necessitate an immediate call for creative solutions. In this work, we propose a non-invasive security architecture for MEC, meticulously designed to strike a balance between performance burden and security protection capabilities. The objective of the design contains three major aspects, i.e. user experience, service density and serviceability. We conduct a thorough evaluation that enables us to quantify the significance of high bandwidth, low user experience latency and MEC serviceability. The experimental results and ablation studies indicate that our proposed method effectively balances user experience and security capabilities. This not only provides a practical and cost-effective solution but also establishes a strong precedent for the community to develop a secure MEC with superior performance in real-world production environments.

Lei Chen,Chong Guo,Bei Gong,Muhammad Waqas,Lihua Deng,Haowen Qin

DOI: https://doi.org/10.1186/s13677-024-00631-x

2024-03-24

Journal of Cloud Computing

Abstract:The widespread adoption of fifth-generation mobile networks has spurred the rapid advancement of mobile edge computing (MEC). By decentralizing computing and storage resources to the network edge, MEC significantly enhances real-time data access services and enables efficient processing of large-scale dynamic data on resource-limited devices. However, MEC faces considerable security challenges, particularly in cross-domain service environments, where every device poses a potential security threat. To address this issue, this paper proposes a secure cross-domain authentication scheme based on a threshold signature tailored to MEC's multi-subdomain nature. The proposed scheme employs a (t,n) threshold mechanism to bolster system resilience and security, catering to large-scale, dynamic, and decentralized MEC scenarios. Additionally, the proposed scheme features an efficient authorization update function that facilitates the revocation of malicious nodes. Security analysis confirmed that the proposed scheme satisfies unforgeability, collusion resistance, non-repudiation and forward security. Theoretical evaluation and experimental simulation verify the effectiveness and feasibility of the proposed scheme. Compared with existing schemes, the proposed scheme has higher computational performance while implementing secure authorization updates.

Naixin Kang,Zhenhu Ning,Shiqiang Zhang,Sadaqat ur Rehman,Waqas

DOI: https://doi.org/10.32604/cmc.2023.029711

2023-01-01

Abstract:With the development of sensor technology and wireless communication technology, edge computing has a wider range of applications. The privacy protection of edge computing is of great significance. In the edge computing system, in order to ensure the credibility of the source of terminal data, mobile edge computing (MEC) needs to verify the signature of the terminal node on the data. During the signature process, the computing power of edge devices such as wireless terminals can easily become the bottleneck of system performance. Therefore, it is very necessary to improve efficiency through computational offloading. Therefore, this paper proposes an identity-based edge computing anonymous authentication protocol. The protocol realizes mutual authentication and obtains a shared key by encrypting the mutual information. The encryption algorithm is implemented through a thresholded identity-based proxy ring signature. When a large number of terminals offload computing, MEC can set the priority of offloading tasks according to the user’s identity and permissions, thereby improving offloading efficiency. Security analysis shows that the scheme can guarantee the anonymity and unforgeability of signatures. The probability of a malicious node forging a signature is equivalent to cracking the discrete logarithm puzzle. According to the efficiency analysis, in the case of MEC offloading, the computational complexity is significantly reduced, the computing power of edge devices is liberated, and the signature efficiency is improved.

computer science, information systems,materials science, multidisciplinary

Aidong Xu,Minggui Cao,Runfa Liao,Yunan Zhang,Yixin Jiang,Yi Chen,Hong Wen,Jinran Du

DOI: https://doi.org/10.1088/1755-1315/428/1/012019

2020-01-01

IOP Conference Series Earth and Environmental Science

Abstract:Edge computing can meet the needs of many industries in real-time business control, security and privacy protection. In the process of massive heterogeneous terminals accessing the network through edge devices, it is very challenging to achieve fast and reliable authentication. The physical layer authentication technology authenticates through the channel characteristics, which has the characteristics of lightweight, and can well adapt to the authentication scenario of massive heterogeneous terminal access. In order to identify malicious nodes, this paper proposes an attack identification scheme of malicious nodes under edge computing. The new channel response information vector is constructed by using the correlation between the channel information of consecutive frames. Two or more time slot channel frequency response vectors are averaged to obtain a new channel response vector. It has the advantages of low computational complexity and high recognition accuracy. And combined with the channel frequency response based on the deep neural network to identify malicious nodes, the data set in the factory environment is simulated.