Xiaoyu Ji,Wenjun Zhu,Shilin Xiao,Wenyuan Xu

DOI: https://doi.org/10.1038/s44287-024-00073-2

2024-01-01

Abstract:Sensors are extensively used in the Internet of Things (IoT) applications, enhancing daily convenience but also raising concerns about privacy leakage. To address this, we advocate for protecting data privacy at the moment it is generated by sensors, rather than trying to secure it afterwards.

Yan Huo,Chun Meng,Ruinian Li,Tao Jing

DOI: https://doi.org/10.23919/JCC.2020.10.001

2020-01-01

China Communications

Abstract:The concept of Internet of Everything is like a revolutionary storm, bringing the whole society closer together. Internet of Things (IoT) has played a vital role in the process. With the rise of the concept of Industry 4.0, intelligent transformation is taking place in the industrial field. As a new concept, an industrial IoT system has also attracted the attention of industry and academia. In an actual industrial scenario, a large number of devices will generate numerous industrial datasets. The computing efficiency of an industrial IoT system is greatly improved with the help of using either cloud computing or edge computing. However, privacy issues may seriously harmed interests of users. In this article, we summarize privacy issues in a cloud- or an edge-based industrial IoT system. The privacy analysis includes data privacy, location privacy, query and identity privacy. In addition, we also review privacy solutions when applying software defined network and blockchain under the above two systems. Next, we analyze the computational complexity and privacy protection performance of these solutions. Finally, we discuss open issues to facilitate further studies.

Ismini Psychoula,Liming Chen,Xuanxia Yao,Huansheng Ning

DOI: https://doi.org/10.1109/SmartWorld-UIC-ATC-SCALCOM-IOP-SCI.2019.00073

2019-01-01

Abstract:The Internet of Things has been used widely for the development of many different types of smart systems. But the constant monitoring of activities and behaviours and the collection along with the use of confidential data have led to increasing concerns about privacy which have indeed become one of the main barriers to technology acceptance and adoption. The development of new personalised technologies increases the use of sensitive data which should be kept hidden from third parties. The current methods are not sufficient and effective to assess and mitigate the significant privacy risks exposed by IoT and to support the design and adoption of privacy-aware smart systems. In this context, this paper proposes an architecture for privacy preservation which enables fine-grained control over data, anonymization and authentication. In particular, we introduce a privacy aware IoT architecture that utilises physical unclonable functions and deep learning to ensure the privacy of the collected IoT data.

Yi-Ning Liu,Yan-Ping Wang,Xiao-Fen Wang,Zhe Xia,Jing-Fang Xu

DOI: https://doi.org/10.1016/j.comnet.2018.11.028

IF: 5.493

2019-01-01

Computer Networks

Abstract:With the rapid developments of IoT technologies, a large amount of real-time data is collected and shared, having important impacts on many applications, such as business advertisement and decision-making assistance. However, most users are unwilling to share their personal data directly to any third party for either academic research or commercial analysis because personal data contains private or sensitive information, such as economic status or living habits. Balancing the utility of big data and users’ privacy is a vital issue in academia and industry. In this paper, a privacy-preserving raw data collection scheme for IoT is proposed, in which the participant's data is collected and obfuscated with the other participants’ data within a group in order to mask the individual's privacy. Specifically, individual data is kept in its raw format to enhance its value for the data consumer, while no other users outside of the user herself know the source of the collected data. In addition, no trusted authority (TA) is needed in our proposed scheme, which is more suitable for real-world applications. Moreover, efficiency analysis is performed by simulation, and the result shows that our proposed scheme is practical for IoT systems.

Chen Ling,Weizhe Zhang,Hui He

DOI: https://doi.org/10.1007/s10586-022-03755-4

2022-01-01

Cluster Computing

Abstract:Efficient privacy-preserving algorithms are used in internet of things (IoT) applications, virtualization and edge computing environments to decrease the high data disclosure risk. However, due to the strict security principles of current privacy-preserving algorithms, they ignore the time consumption. On the other hand, most existing privacy-preserving algorithms suffer from the overgeneralization problem, creating unnecessary information loss. Thus, two privacy-preserving algorithms are proposed in this paper for IoT applications in the virtualization and edge computing environment to address this problem and balance the information loss and disclosure risk. We first propose an overall metric to measure the performance of privacy-preserving algorithms and balance the information loss and disclosure risk. Second, the proposed algorithms can significantly decrease the time consumption by utilizing cached anonymized datasets. Moreover, the proposed algorithms also optimize the distribution of anonymized datasets and decrease the information loss by deleting the small equivalent classes. Experimental results show that our proposed algorithms are relatively fast, only consuming 34.3% operation time of current algorithms. Next, we tested the usability of anonymized datasets by putting them into an IoT application. The two datasets generate similar results, indicating that the proposed algorithms can satisfy the information loss requirements of IoT applications.

Jun Du,Chunxiao Jiang,Erol Gelenbe,Lei Xu,Jianhua Li,Yong Ren

DOI: https://doi.org/10.1109/mwc.2017.1800094

IF: 12.777

2018-01-01

IEEE Wireless Communications

Abstract:Recently, the Internet of Things (IoT) has penetrated many aspects of the physical world to realize different applications. Through IoT, these applications generate, exchange, aggregate, and analyze a vast amount of security-critical and privacy- sensitive data, which makes them attractive targets of attacks. Therefore, it is rather necessary for IoT systems to be equipped with the ability to resist security and privacy risks when fulfilling the desired functional requirements and services. To achieve these goals, there are many new challenges for IoT to implement privacy preserving data manipulation. First, data analysts need to process privacy-sensitive data to extract the expected information without privacy disclosure. In addition, many privacy related factors, including privacy valuation and risk assessment, affect sensitive and private data trading between data owners and requesters. Moreover, the data owners' security behavior also plays an important role in privacy protection in IoT applications. Concerning these issues, this article introduces and surveys privacy preserving techniques in the processes of data aggregation, trading, and analysis: the balance between data analysis and privacy preservation from the data analysts' perspective, secure data trading from the perspective of data owners and requesters, and secure private data aggregation from the data owners' perspective.

Fang Liu,Tong Li

DOI: https://doi.org/10.1155/2018/4945152

IF: 1.968

2018-01-01

Security and Communication Networks

Abstract:Wearable technology is one of the greatest applications of the Internet of Things. The popularity of wearable devices has led to a massive scale of personal (user-specific) data. Generally, data holders (manufacturers) of wearable devices are willing to share these data with others to get benefits. However, significant privacy concerns would arise when sharing the data with the third party in an improper manner. In this paper, we first propose a specific threat model about the data sharing process of wearable devices' data. Then we propose a K-anonymity method based on clustering to preserve privacy of wearable IoT devices' data and guarantee the usability of the collected data. Experiment results demonstrate the effectiveness of the proposed method.

Weiming Tong,Luyao Yang,Zhongwei Li,Jinxiao Zhao,Feng Pan,Liguo Tan

DOI: https://doi.org/10.1109/iccsie61360.2024.10698294

2024-01-01

Abstract:With the rapid development of the Industrial Internet of Things, a vast amount of data generates, collects, and processes, playing a crucial role in industrial production and operations. Addressing issues of privacy leakage, identity forgery, and data security during data transmission in IIoT, this paper proposes a data security transmission and privacy protection scheme based on blockchain technology. The scheme employs zero-knowledge proof algorithms for identity authentication of terminal devices to ensure the privacy of device information is not compromised, effectively preventing identity forgery and attacks. Additionally, it uses attribute-based encryption to secure the data's confidentiality. To ensure efficient data storage and the security of encryption keys, the scheme utilizes IPFS for on-chain querying and off-chain storage of data. The security of the proposed scheme is analyzed theoretically, and its computational overhead is evaluated experimentally. The results show that this scheme has lower computational overhead compared to other schemes, while significantly enhancing security and reliability.

Sun Guangzhong,Wei Shen,Xie Xing

2013-01-01

Abstract:In this paper,we illustrate the importance of privacy protection with an Internet case. Then we introduce some frequently-used anonymized methods in privacy protection,and present practical ways to de-anonymize data in some popular fields: rating recommendation system,social network and blogs. We believe the publication of data is beneficial to academic research,but we still need to work hard on privacy protection.

Linjie Zhang,Xiaoyan Zhu,Xuexue Han,Jianfeng Ma

DOI: https://doi.org/10.1109/wcsp.2019.8928020

2019-01-01

Abstract:With the sophisticated network infrastructure, the breadth of Open Data and the increased smartphones, the popularity of the IoT (Internet of Things) has risen sharply. The Internet of Things bridges the gap between the physical world and the virtual world. The Internet of Things provides intelligent data services to humans through the integration of physical objects and information networks. The impact of users' social connections and interactions on the Internet of Things and privacy protection has been ignored. Inevitably, these users are exposed to a serious risk of privacy breaches in the presence of untrusted service providers and malicious attackers. In this paper, we propose and implement an effective Internet of Things service with differential privacy-preserving to explore collaborative intelligence considering the social interaction of users in social networks. Compared to the outdated approach, our scheme can monitor various parameters of the entire site from the Internet of Things devices, find critical data, and send and deliver the requested service over the Internet in a fast and scalable manner. Additionally, our analysis clearly illustrates that our approach provides guidance for privacy protection in the social Internet of Things. Experiments using real data sets show that our solutions reduce costs, increase flexibility, and provide more accurate and efficient social Internet of Things devices services. We further explore the potential challenges that need to be addressed in this research area.

Xiao Chun Yin,Zeng Guang Liu,Bruce Ndibanje,Lewis Nkenyereye,S. M. Riazul Islam

DOI: https://doi.org/10.3390/s19143146

IF: 3.9

2019-01-01

Sensors

Abstract:In the age of the Internet of Things, connected devices are changing the delivery system in the healthcare communication environment. With the integration of IoT in healthcare, there is a huge potential for improvement of the quality, safety, and efficiency of health care in addition to promising technological, economical, and social prospects. Nevertheless, this integration comes with security risks such as data breach that might be caused by credential-stealing malware. In addition, the patient valuable data can be disclosed when the perspective devices are compromised since they are connected to the internet. Hence, security has become an essential part of today’s computing world regarding the ubiquitous nature of the IoT entities in general and IoT-based healthcare in particular. In this paper, research on the algorithm for anonymizing sensitive information about health data set exchanged in the IoT environment using a wireless communication system has been presented. To preserve the security and privacy, during the data session from the users interacting online, the algorithm defines records that cannot be revealed by providing protection to user’s privacy. Moreover, the proposed algorithm includes a secure encryption process that enables health data anonymity. Furthermore, we have provided an analysis using mathematical functions to valid the algorithm’s anonymity function. The results show that the anonymization algorithm guarantees safety features for the considered IoT system applied in context of the healthcare communication systems.

Shancang Li,Shanshan Zhao,Geyong Min,Lianyong Qi,Gang Liu

DOI: https://doi.org/10.1109/jiot.2021.3066427

IF: 10.6

2022-01-01

IEEE Internet of Things Journal

Abstract:The emerging technologies, such as smart sensors, 5G/6G wireless communication, artificial intelligence, etc., have been maturing the future Internet of Things (IoT) by connecting the massive number of devices, which are expected to consistently collect and transmit real-time data to support business intelligence in an efficient and privacy-preserving way. The IoT can afford businesses predictive maintenance, improve field service, asset tracking, and further enhance customer satisfaction and facility management in industrial sectors. However, the privacy concern in IoT is a big challenge in IoT applications and services. This work proposed a lightweight privacy-preserving scheme based on homomorphic encryption in the context of the IoT, in which we investigated and analyzed the privacy issues between the data owners, untrustworthy third-party cloud servers, and the data users. Meanwhile, computationally efficient homomorphic algorithms are proposed to guarantee the privacy protection for the data users. Experimental results demonstrate that the proposed scheme can effectively prevent privacy breaches in IoT.

Xinyue Zhang

DOI: https://doi.org/10.1007/s11277-023-10822-5

IF: 2.017

2024-02-17

Wireless Personal Communications

Abstract:One of the most important modern technologies is IoT networks. IoT network is a distributed sensor network composed of multiple sensors with transmission, computing and communication capabilities. It collects the surrounding environment information through the sensors on the node, and collects data in the integrated node to achieve complete and efficient processing and analysis. With the development of intranet technology and sensors, data integration on intranet plays an important role. At the same time, privacy protection and data integration in IoT networks is a contradiction that needs to be reconciled. Data integration is one of the core businesses of the Intranet. The relationship between sensor data privacy and system integration is studied, and a framework for data integration error identification is proposed. However, it is not necessary to know the actual content of sensor data to ensure the privacy of sensor data. The experimental results show that this method achieves effective data integration while protecting the privacy of actual raw data and sensor data integration.

telecommunications

Shujuan Wang,Jian Wang,Zhengtao Yu

DOI: https://doi.org/10.1109/mwc.2017.1800109

IF: 12.777

2018-01-01

IEEE Wireless Communications

Abstract:Wireless IoT is a promising area in which large quantities of data and information are collected, exchanged, and stored constantly. While these data and information are utilized for good purposes in wireless IoT, great risks arise in that attackers are seeking to exploit the merits of this new technology for their own benefits. In such a resource-constrained environment, devices are easily exposed to various attacks. Confidential private information is as valuable as it is vulnerable. It is difficult for end users to trust wireless IoT and to adopt related applications due to the lack of satisfactory privacy-preserving mechanisms, which has become the major obstacle for the adoption and popularization of wireless IoT. In this article, we first introduce the classical application scenarios of wireless IoT, along with related security and privacy attack models. We then present a brief overview of privacy-preserving schemes of wireless IoT. Based on the classification of application scenarios, we further present recent advances in privacy-preserving mechanisms in wireless IoT. Finally, we discuss open issues and future research directions for these application scenarios in wireless IoT.

DOI: https://doi.org/10.1007/s11227-024-06209-3

IF: 3.3

2024-06-04

The Journal of Supercomputing

Abstract:The internet of things (IoT) has seen rapid expansion, but this growth brings significant privacy challenges due to the large amounts of data generated by myriad IoT devices. To address these challenges, this study introduces Smart Anonymity, a method that determines the optimal data anonymization algorithm for a dataset by assessing its unique features. The solution leverages OWL ontologies grounded in description logic (DL), which facilitates inconsistency checks and the discovery of new facts for data validation. Additionally, machine learning (ML) is incorporated to improve the accuracy of these classifications. ML is also instrumental in recommending suitable anonymization algorithms, with the random forest algorithm being employed explicitly for this purpose. The findings from this research indicate that Smart Anonymity effectively improves user privacy.

computer science, theory & methods,engineering, electrical & electronic, hardware & architecture

Mingshan Xie,Mengxing Huang,Yong Bai,Zhuhua Hu

DOI: https://doi.org/10.1155/2017/2970673

2017-01-01

Journal of Electrical and Computer Engineering

Abstract:In order to enhance the enthusiasm of the data provider in the process of data interaction and improve the adequacy of data interaction, we put forward the concept of the ego of data and then analyzed the characteristics of the ego of data in the Internet of Things (IOT) in this paper. We implement two steps of data clustering for the Internet of things; the first step is the spatial location of adjacent fuzzy clustering, and the second step is the sampling time fuzzy clustering. Equivalent classes can be obtained through the two steps. In this way we can make the data with layout characteristics to be classified into different equivalent classes, so that the specific location information of the data can be obscured, the layout characteristics of tags are eliminated, and ultimately anonymization protection would be achieved. The experimental results show that the proposed algorithm can greatly improve the efficiency of protection of the data in the interaction with others in the incompletely open manner, without reducing the quality of anonymization and enhancing the information loss. The anonymization data set generated by this method has better data availability, and this algorithm can effectively improve the security of data exchange.

Shuodi Hui,Zhenhua Wang,Xueshi Hou,Xiao Wang,Huandong Wang,Yong Li,Depeng Jin

DOI: https://doi.org/10.1109/jiot.2020.3038639

IF: 10.6

2021-05-01

IEEE Internet of Things Journal

Abstract:Privacy leakage of Internet of Things (IoT) has become a great challenge with the popularity of IoT services through mobile networks, such as smart homes, wearables, and healthcare. While previous work summarized general structures to analyze IoT privacy and provide case studies of specific devices or scenarios, it is still challenging to conduct a comprehensive and systematic quantification study of large-scale IoT privacy leakage in real world. To combine systematic analyses with real-world measurements, we provide a method to quantify IoT privacy leakage on a large-scale mobile network traffic data set containing 47651 IoT devices. We generate privacy fingerprints and attribute them to a privacy quantification framework. The framework is constructed based on the semantics of multiple privacy sensitive markers selected from the traffic along with the involved network entity types in IoT (i.e., user, device, and platform), and the fingerprints are generated from sensitive information extracted in the traffic via their markers. Our quantification shows that IoT users, devices, and platforms have considerable risks, respectively. Moreover, IoT devices have a larger scale of privacy leakage than users and platforms, and they perform different daily patterns on privacy leakage following their working conditions. In addition, we present three case studies on the leakage of location information, application calling, and voice service, which illustrate that a third party can profile a network entity in both cyberspace and physical space.

computer science, information systems,telecommunications,engineering, electrical & electronic

Xiyang Liu,Xiong Li,Baojin Wang,Xiaosong Zhang

DOI: https://doi.org/10.1109/icpads60453.2023.00140

2023-01-01

Abstract:The Industrial Internet of Things (IIoT) has become increasingly significant, facilitating the development of production and manufacturing, etc. It will generate a large amount of valuable private industrial data, which can help managers draw up strategies. Data sharing technology is utilized to enable the data to flow among the participants. However, several problems, such as privacy breaches, behavior profile building, and collusion attacks, hinder this data sharing. To address these problems, we introduce a batch verification-based anonymous and traceable data sharing scheme in the Industrial Internet of Things. We formally prove that our scheme realizes security attributes of anonymity, confidentiality, unforgeability, etc. The experimental results show that our scheme costs less than 60% of the time compared to other related work.

Charith Perera,Rajiv Ranjan,Lizhe Wang,Samee U. Khan,Albert Y. Zomaya

DOI: https://doi.org/10.1109/MITP.2015.34

2015-06-08

Abstract:Over the last few years, we have seen a plethora of Internet of Things (IoT) solutions, products and services, making their way into the industry's market-place. All such solution will capture a large amount of data pertaining to the environment, as well as their users. The objective of the IoT is to learn more and to serve better the system users. Some of these solutions may store the data locally on the devices ('things'), and others may store in the Cloud. The real value of collecting data comes through data processing and aggregation in large-scale where new knowledge can be extracted. However, such procedures can also lead to user privacy issues. This article discusses some of the main challenges of privacy in IoT, and opportunities for research and innovation. We also introduce some of the ongoing research efforts that address IoT privacy issues.

Computers and Society,Databases,Networking and Internet Architecture

Yuwen Pu,Jin Luo,Chunqiang Hu,Jiguo Yu,Ruifeng Zhao,Hongyu Huang,Tao Xiang

DOI: https://doi.org/10.1155/2019/3985232

2019-01-01

Wireless Communications and Mobile Computing

Abstract:As the next generation of information and communication infrastructure, Internet of Things (IoT) enables many advanced applications such as smart healthcare, smart grid, smart home, and so on, which provide the most flexibility and convenience in our daily life. However, pervasive security and privacy issues are also increasing in IoT. For instance, an attacker can get health condition of a patient via analyzing real-time records in a smart healthcare application. Therefore, it is very important for users to protect their private data. In this paper, we present two efficient data aggregation schemes to preserve private data of customers. In the first scheme, each IoT device slices its actual data randomly, keeps one piece to itself, and sends the remaining pieces to other devices which are in the same group via symmetric encryption. Then, each IoT device adds the received pieces and the held piece together to get an immediate result, which is sent to the aggregator after the computation. Moreover, homomorphic encryption and AES encryption are employed to guarantee secure communication. In the second scheme, the slicing strategy is also employed. Noise data are introduced to prevent the exchanged actual data of devices from disclosure when the devices blend data each other. AES encryption is also employed to guarantee secure communication between devices and aggregator, compared to homomorphic encryption, which has significantly less computational cost. Analysis shows that integrity and confidentiality of IoT devices’ data can be guaranteed in our schemes. Both schemes can resist external attack, internal attack, colluding attack, and so on.